A Security Assessment is the process of employing administration tools & techniques to verify the security of configurations, infrastructure, deployment tiers and even the physical protections.
Shield Cyber Security team will verify configurations for systems, databases and network devices, as well as assess the infrastructure for security problems.
The network is not the only entry point! Verify the physical protection of data centers, IT departments and organizational assets against physical intrusions.
As opposed to Penetration Testing services, a Security Assessment is performed through the perspective of a security administrator (rather than a hacker).
In many cases, organizations do not prefer to employ penetration tests because of a myriad of reasons (such as legal, service disruption concerns, or budget). In this case, a Security Assessment can be the optimal choice, as it allows organizations to check the security configurations, database, physical infrastructure... etc, without having to perform a full penetration test.
Penetration Testing is the process of intentionally hacking and attacking your own network, web applications and organization, for checking how secure your assets really are. Attackers have no regard to your organization's internal policies, the trustworthiness of your employees, or the expertise of your technical staff. Only one fact matters to them; are you vulnerable.
Are you vulnerable? To answer this question; an organization must perform a Penetration Test, in which simulated hacking attacks are performed on its cyberspace, to determine - based on facts and results - how secure (or insecure) an organization really is.
It is in an organization's best interest, economically, and for the sake of reputation, to answer that question before the attackers do.
Vulnerability Assessment is the process of finding, identification and classification of security holes and weaknesses. Vulnerability Assessment provides an insight into the organization's current state of security, and the effectiveness of its countermeasures (if any).
Shield Cyber Security performs detailed Vulnerability Assessments on all technical layers of an organization, from web applications to network devices, and classifies all discovered vulnerabilities according to risk level and severity for example: a) tested infrastructure for security issues such as insecure configuration, outdated software, or default passwords. b) aim to comply with an information security standard such as ISO27001.
The results of Vulnerability Assessments performed by Shield Cyber Security help your organization develop an asset-aware security road map according to which assets require higher priority.
Shield Cyber Security team will perform an in-depth application code analysis to detect security vulnerabilities. Input validation logic, memory management, authentication, API calls and code path flow are all important aspects of software that need to be reviewed and scrutinized.
Source Code Analysis helps in finding security problems that may get masked by the other layers in the network, especially since firewalls can be bypassed through application layer vulnerabilities.
Digital Forensics is the process of performing digital investigations in computer systems, and the legally accepted acquisition of digital evidence.
Shield Cyber Security team can analyze suspicious files, applications and even users, in order to help you secure your network perimeters and contain any possible damage.
Shield Cyber Security can help you analyze hacking attempts (failed or successful, external or internal), as well as collect digital evidence for any legal or technical purpose.
Through a realistic, scenario-based Security Awareness campaign, your employees can understand the culture of security and detect attacks & tricks targeted at your most important assets.
Shield Cyber Security will plan and implement a clear, to-the-point awareness campaign that will introduce security as a responsibility & quality of employees, rather than a burden to progress.