Network Security Assessment: CyberSecOp Providing risk advisory services for strategic, operational and tactical level needs, including for market entry, business or program expansions, business resiliency strategies, risk assessments, and incident management.
Network Security Assessment
Our security assessments are designed specifically to meet regulatory requirements and address the needs of any size organization. To determine the adequacy of your existing security controls and to identify security deficiencies, our seasoned security experts will conduct a thorough examination of your IT infrastructure. The assessment includes manual false positive reduction services and vulnerability analysis to determine severity, and a best-practice review.
The assessment process is managed through the company’s cloud-based software solution, CyberSecOp, allowing you convenient access to a variety of tools that can be used to continuously assess the three core components of your information security program – people, processes, and technology.
A security assessment that is conducted remotely includes:
Internal and external port scan
Internal and external network vulnerability scan
Asset classification assistance
CyberSecOp setup, implementation and access to vulnerability management, ticketing and reporting capabilities
Network vulnerability review (false positive reduction of scan data through a manual third-party review)
A Comprehensive Security Assessment (CSA) includes these additional services:
CyberSecOp setup, implementation and access to vulnerability management, compliance, policy, training, ticketing and reporting capabilities
Policy reviews
Policy awareness reviews
In-depth regulatory and/or best practice review
Regulation call to assist with self-assessment
Network topology review
Internal network vulnerability review
False positive reduction of scan data through manual third-party review
Validation of false positive review through manual third-party analysis
Advanced manual vulnerability analysis to determine vulnerability severity
When conducted onsite, the CSA also includes:
Wireless access point identification, including rogue
Physical security review
Dumpster diving at main facility
Offsite consultation and remediation strategy
CSA results are provided in an extensive report containing:
Project overview
Executive summary
Prioritized internal and external network risks and recommendations
Regulatory compliance analysis
Information security policy analysis
Executive level PowerPoint of assessment
Differential reporting
Appendix
On-going CSA services, via CyberSecOp, include:
On-demand generation of comprehensive reports
Unlimited client-executed scans with third-party remote false positive validation
Regulatory compliance and security assessment evaluation metrics through self-assessment
Automated policy development software and policy management
Automated training development software and training management, including access to security awareness training content