IT Security Assessment

Our security assessments are designed specifically to meet regulatory requirements and address the needs of any size organization. To determine the adequacy of your existing security controls and to identify security deficiencies, our seasoned security experts will conduct a thorough examination of your IT infrastructure. The assessment includes manual false positive reduction services and vulnerability analysis to determine severity, and a best-practice review.

CyberSecOp’s Cybersecurity assessment services are managed through the company’s cloud-based software solution. CyberSecOp client’s gain convenient access to a variety of tools that can be used to continuously assess the three core components of your information security program – people, processes, and technology. Cybersecurity assessment and IT security risk assessment is a critical component in keeping your business secure.

Comprehensive Network Audit and Assessment Services

A security assessment that is conducted remotely or onsite includes:

• Internal and external port scan

• Internal and external network vulnerability scan

• Asset classification assistance

• CyberSecOp setup, implementation and access to vulnerability management, ticketing and reporting capabilities

• Network vulnerability review (false positive reduction of scan data through a manual third-party review)

Policy Security Assessment & additional ASSESSMENT services:

• CyberSecOp setup, implementation and access to vulnerability management, compliance, policy, training, ticketing and reporting capabilities

• Policy reviews

• Security awareness policy reviews

• In-depth regulatory and/or best practice review

• Regulation call to assist with self-assessment

• Network topology review

• Internal network vulnerability review

  • False positive reduction of scan data through manual third-party review

  • Validation of false positive review through manual third-party analysis

  • Advanced manual vulnerability analysis to determine vulnerability severity

When conducted onsite, the Comprehensive Security Assessment (CSA) also includes:

• Wireless access point identification, including rogue

• Physical security review

• Dumpster diving at main facility

• Offsite consultation and remediation strategy

CSA results are provided in an extensive report containing:

• Project overview

• Comprehensive security assessment methodology

• Executive summary

• Prioritized internal and external network risks and recommendations

• Regulatory compliance analysis

• Information security policy analysis

• Executive level PowerPoint of assessment

• Differential reporting

On-going Comprehensive Security Assessment (CSA) services, via CyberSecOp, include:

• On-demand generation of comprehensive reports

• Unlimited client-executed scans with third-party remote false positive validation

• Regulatory compliance and security assessment evaluation metrics through self-assessment

• Automated policy development software and policy management

• Automated training development software and training management, including access to security awareness training content