IaaS Cloud Configuration Assessment
Assess multiple clouds and their service configuration against best practices or industry standards such as PCI, HIPAA using proprietary product CloudOptics
Infrastructure/Network Assessment Services
Assess vulnerabilities in the software and network devices, using standard tools. Assessment of services running on each of the target systems and recommending optimum solution. Vulnerabilities are analysed, classified for comprehension and mitigation recommended.
OS Hardening/Configuration Audit & Remediation
Assessing OS of various systems Linux/Windows for vulnerable configurations and missing hardening against industry standard CIS Benchmarks. Providing remediation scripts and guidance.
Application Pen Test
Penetration testing of custom applications for vulnerabilities like SQL Injection, Cross Site Scripting etc. (OWASP Top 10)
SSH Risk Assessment
Assessing risk of SSH key sprawl, compromised access and operations management of SSH
CMS Vulnerability Assessment
Vulnerabilities and other specific Security Issues with CMS systems (WordPress, Joomla, Drupal) like plugins, themes, default users or other configuration issues
Other Assessment Services
- Domain Profiling –Discover forgotten or unmanaged servers, Discover internet footprint of an organization, Passive reconnaissance for discovery of technologies in use – Competitive intelligence
- WebServer security assessment – Server and software misconfigurations Default files and programs Insecure files and programs, Outdated servers and programs
- SSL Certificate assessment – Weak Ciphers, Heartbleed etc.