|
|
|
Security Assessment
Assessing your technical, physical and administrative security controls is part of maintaining a proactive
security posture. Integrated Systems performs assessments including system audits, code reviews,
network scans, and penetration testing.
Vulnerability Scanning
Our security professionals conduct on-site internal and external vulnerability scans of your
network and systems and work with your IT staff to chart out a course to a more secure
future. We have built our services around industry-proven scanning software maned by
certified security professionals. Our security professionals work with you to produce a report
that complies with industry standards while addressing your unique security needs.
System Security Testing
System configuration and management weaknesses are historically the primary cause of
security breaches. System hardening and management procedures can reduce the risk to
an organization. Integrated Systems has extensive experience in system security testing
in any network environment. Our testing procedures will identify weaknesses in any system
including mainframe OS/390, AS400, Unix/Linux/BSD/Solaris, Windows, databases,
VoIP/telecomm, printers, Network Attached Storage (NAS), and network appliances.
Wireless Security Assessment
Wireless networking technology is one the greatest security challenges facing your IT department
even if you don't officially permit it. Because wifi is readily available and easy to set up, it
represents a security hole you must address. Integrated Systems' FCC licensed personal can
scan the air waves for hidden security risks
Social Engineering
Integrated Systems can help you with the “people” aspect of IT security. Regardless of the policies
you implement and the physical barriers you erect, the strength of your security comes down to the training,
awareness, and vigilance of your people. Security policies and security awareness training are fundamental
parts of an effective security program and mandated by Sarbanes Oxley Section 404. Integrated Systems can
customize testing programs to your needs; many of our security professionals have formal university teaching
experience.
Application Code Review
Application code vulnerabilities and design flaws are the battleground of information security. Integrated
Systems can help your development teams make certain that applications are secure. This includes ensuring
that they are designed based on analysis of risks, threats, and exposures, and tested to meet security
requirements. Integrated Systems audits your application source code to identify vulnerabilities and can help
your organization implement security conscious coding methodologies. An Integrated Systems code review
provides detailed documentation that includes guidance for resolution of code vulnerabilities. Software
development requires that independent code review be incorporated into your security development life-cycle.
Application Penetration Testing
Applications are the most critical interface to your sensitive information assets. Your security risk is critically
linked to the security of your applications. Network and application vulnerability assessment and scanning can
provide a base level of security to your applications. Threat agents and attack vectors incorporate layers of
attacks that leverage innocuous information to expose operational vulnerabilities in an application.
Network Penetration Testing
Network Penetration Testing or "pen testing" provides valuable information about the risk profile of your
network. Automated scanning generally stops at identifying the vulnerability signature and often does not
validate the path a real exploit may attempt. Network penetration testing allows you a complete picture
of the risk exposure that a vulnerability could produce. Annual or quarterly network penetration testing can
complement regular vulnerability scanning and provides a real world validation of configuration and
vulnerability management. In short pen testing simulates a real hacker
|
|
