Assessment Services

Assess multiple clouds and their service configuration against best practices or industry standards such as PCI, HIPAA using proprietary product CloudOptics

Assess vulnerabilities in the software and network devices, using standard tools. Assessment of services running on each of the target systems and recommending optimum solution. Vulnerabilities are analysed, classified for comprehension and mitigation recommended.

Assessing OS of various systems Linux/Windows for vulnerable configurations and missing hardening against industry standard CIS Benchmarks. Providing remediation scripts and guidance.

Penetration testing of custom applications for vulnerabilities like SQL Injection, Cross Site Scripting etc. (OWASP Top 10)

Assessing risk of SSH key sprawl, compromised access and operations management of SSH

Vulnerabilities and other specific Security Issues with CMS systems (WordPress, Joomla, Drupal) like plugins, themes, default users or other configuration issues

• Domain Profiling –Discover forgotten or unmanaged servers, Discover internet footprint of an organization, Passive reconnaissance for discovery of technologies in use – Competitive intelligence
• WebServer security assessment – Server and software misconfigurations Default files and programs Insecure files and programs, Outdated servers and programs
• SSL Certificate assessment – Weak Ciphers, Heartbleed etc.