Security Auditing
Security Auditing
A Security Auditings aims in a systematic search for weaknesses in a network and the creation of proposals, how these deficient elements can be eliminated.
Description
Auditing means a procedure where the actual status of IT security gets determined and gets checked for completeness and optimizations. In doing so, we check all major known hardware- and software-platforms.
We check your IT infrastructure - if you wish on a regular basis - for deficiencies. In doing so, you are always aware of your network's topical security.
The result is a detailed audit report including countermeasure proposals essential element of the Security Auditings or Penetration Testing.
This means simulated attacks on your IT infrastructure and its servers, workstations, switches, printers or PBX connected to your network . When deficiencies are detected which can be "cured" by patches, then they are listed in the patch-guide (URL or equivalent file).
In the case of existing security structures like Firewalls, Honeypots/-nets or Intrusion Detection Systems, the purposed functionality can be tested under ideal circumstances.
Benefits
- Raliable state information about the actual security level in your network
- Choice between Safe and Full Mode (may contain brute force and (D)DoS attacks).
- Choice between Blackbox- and Whitebox-Audit
- Possibility of a security audit contract for regular control
- Testing of up to 15600 holes, exploits and weaknesses. (10/2007)
- Testing of WLAN and Bluetooth (optional).
- Exploit of weaknesses for verification.
- Testing of Network and operating system misconfiguration (optional)
- Involving of Social-Engineering-Attacks and/or Wardialing
- Orientation BSI IT Grundschutzhandbuch and OSSTM