SERVICES

​Secureality offers a Network Vulnerability Assessment service that identifies vulnerabilities within an organizations infrastructure.  Including both internal and external assessments, our consistent, cross-platform methodology and reporting exceeds regulatory requirements.

Proper methodology is essential to the success of the vulnerability assessment. It involves gathering information and then testing the target environment.

The testing process includes gathering as much information as possible about the network architecture, topology, hardware, and software in order to find all security vulnerabilities. A variety of tools such as port scanners and automated vulnerability testers determine hardware, operating systems, patch levels, and services running on each target device.  Specific vulnerabilities identified during this process have been further reviewed and manually tested.

During the assessment process critical infrastructure components were reviewed for compliance with industry-standard best practices.  Included in this assessment are components for tape backup procedures and adequacy, user management policy compliance, access and authentication controls, domain review, and virus protection.

The methodology employed throughout the engagement is based on key elements of industry recognized best practices and several assessment and testing methodologies including:

    * National Security Agency INFOSEC Assessment Methodology (IAM)
    * Open Source Security Testing Methodology (OSSTM)
    * National Institute of Standards and Technology (NIST) Security Testing Standards
    * ISO17799/BS7799 Assessment Guidelines
    * CERT® Coordination Center - Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVE)
    * Information Security Forums Standard of Good Practice for Information Security