IAAS CLOUD CONFIGURATION ASSESSMENT
Assess multiple clouds and their service configuration against best practices or industry standards such as PCI, HIPAA using proprietary product CloudOptics.
INFRASTRUCTURE/NETWORK ASSESSMENT SERVICES
Assess vulnerabilities in the network & network devices, using standard tools. Assessment of services running on each of the target systems and recommending optimum solutions. Vulnerabilities are analyzed, classified for comprehension and mitigation.
OS HARDENING/CONFIGURATION AUDIT & REMEDIATION
Assessing OS of various systems (Linux/Windows) for compliance requirements and simplifying Hardening against industry standard OS benchmarks. Providing remediation scripts and guidance.
APPLICATION PEN TEST
Penetration testing of custom applications for vulnerabilities like SQL Injection, Cross-Site Scripting etc. OWASP Top 10.
SSH RISK ASSESSMENT
Assessing risk of SSH key sprawl, compromised access and operations management of SSH.
CMS VULNERABILITY ASSESSMENT
Vulnerabilities and other specific security issues with CMS systems (WordPress, Joomla, Drupal) like plugins, themes, default users or other configuration issues.
OTHER ASSESSMENT SERVICES
Domain Profiling – Discover forgotten or unmanaged servers. Discover internet footprint of an organization.
Competitive Intelligence Reconnaissance for discovery of technology in use – Competitive landscape.
Website/Server security assessment – Server and software misconfigurations: Default files and programs included, test/debug programs, outdated SDK, deprecated programs.
Server crypto assessment – Weak ciphers, Heartbleed, etc.