Secureality offers a variety of information technology services to small and medium businesses. With a focus on designing and securing the infrastructure of the organization, Secureality can provide cost-effective and highly innovative solutions to help your companies strategic IT problems.
Secureality's Web Application Analysis not only assesses the website for any security vulnerabilities or weakness, but also extends the analysis to the platform and infrastructure that supports the application.
Incident Response Planning
Secureality offers a Network Vulnerability Assessment service that identifies vulnerabilities within an organizations infrastructure. Including both internal and external assessments, our consistent, cross-platform methodology and reporting exceeds regulatory requirements.
Proper methodology is essential to the success of the vulnerability assessment. It involves gathering information and then testing the target environment.
The testing process includes gathering as much information as possible about the network architecture, topology, hardware, and software in order to find all security vulnerabilities. A variety of tools such as port scanners and automated vulnerability testers determine hardware, operating systems, patch levels, and services running on each target device. Specific vulnerabilities identified during this process have been further reviewed and manually tested.
During the assessment process critical infrastructure components were reviewed for compliance with industry-standard best practices. Included in this assessment are components for tape backup procedures and adequacy, user management policy compliance, access and authentication controls, domain review, and virus protection.
The methodology employed throughout the engagement is based on key elements of industry recognized best practices and several assessment and testing methodologies including:
* National Security Agency INFOSEC Assessment Methodology (IAM)
* Open Source Security Testing Methodology (OSSTM)
* National Institute of Standards and Technology (NIST) Security Testing Standards
* ISO17799/BS7799 Assessment Guidelines
* CERT® Coordination Center - Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVE)
* Information Security Forums Standard of Good Practice for Information Security
Web Application Analysis