Vulnerability Assessment

When you’re planning to launch your e-business, have a web application that collects customers information, provide financial transaction services or your corporate infrastructure is connected to the internet, security must be your No. 1 concern. But in today’s computing environments, system security is a horrible game of numbers.

Consider the facts: Hundreds of new vulnerabilities are being discovered annually, dozens of new patches are being released monthly, and thousands of systems are already behind the security eight ball. Compounding matters, when opening your perimeter for consumers and business partners, system-level security becomes even more critical as it forces an increase in exposure points. Make no mistake, the odds are not in your favor–you have to patch every hole, but an attacker need find only one to get into your environment.

Vulnerability scans are an essential component in an effective information security program. Vulnerability scans can provide you with a wealth of valuable information about your level of exposure to threats. Continuously conducting assessments of your critical, high-risk information assets helps to proactively fortify your environment against emerging threats.

Our Vulnerability Assessment Services

STEALTH – ISS® Security Assessments ensure that each level of an organization’s information infrastructure meets customer-driven information security objectives. We use state-of-the art tools, seasoned IT and security professionals, and industry security best practices and standards to create a detailed analysis that identifies areas of all possible risks and recommended remediation efforts. Our assessment services range from enterprise-wide evaluations to individual program and code-reviews, including:

Network Vulnerability Assessment 

STEALTH – ISS®’s Network Vulnerability Assessment identifies known network vulnerabilities using the most sophisticated techniques available. Mimicking a malicious intruder, we gather network and device level information, run automated scanning tools, and use extensive manual testing to discover and verify network vulnerabilities.

STEALTH – ISS®’s external network vulnerability testing probes Internet points-of-presence and associated connected devices for known security vulnerabilities. Internal network vulnerability testing assesses network security from inside a DMZ or from within an organization or business unit. All testing uses strict controls with an emphasis on protecting each client’s security and privacy.

Application Vulnerability Assessment

STEALTH – ISS®’s Application Vulnerability Assessment identifies known security vulnerabilities by reviewing and probing an application’s security controls. This ‘black box’ security testing examines an application’s run-time behavior using a variety of techniques customized for each application type. Examples of some Application Vulnerability Assessment tests include but are not limited to, the following:

* Testing the ability to replay authentication data
* Looking for exposure of sensitive data on servers
* Taking advantage of inadequate input validation controls
* Exploiting of buffer overflow vulnerabilities
* Examining of database connectivity and queries

Tests are performed both from the perspective of a trusted user and as an anonymous user (without valid user credentials). A detailed findings report, and recommendations for remediation of discovered vulnerabilities, is provided.

In order to effectively prevent problems before they start, we recommend a monthly vulnerability assessment. At the very least, your organization should undergo a network vulnerability analysis once per quarter in addition to any time the network is compromised by an outsider or changes have been made to the existing network. STEALTH – ISS offers monthly, quarterly programs for network vulnerability assessments, including six on-demand scans as well as single vulnerability assessments.

Security

As the Internet continues to grow, businesses are shifting to the digital continuum to work faster, communicate better and establish stronger customer and supplier relationships. But the move toward an increasingly networked business world creates challenges. And security is at the forefront.

Security concerns take many forms. They can be hackers, viruses, bugs, competitors or disgruntled employees. Whatever the security issue, you need to be protected. It’s no longer a matter of choice. It’s a matter of survival.

STEALTH – ISS Group® Inc. works with you to define your security goals and design the right and individual solutions and for your business.

STEALTH – ISS Group® Inc.services are:

  • to implement new and secure information technologies for regional and international security integration.
  • to inform about the latest IT-technologies, in order to find solutions and realize projects
  • to secure our clients from industrial espionage, threats, vulnerabilities, data and identity theft
  • to inform about data security and protection based on national/internationals standards and guidelines and to implement them (ISO, HIPPA etc).
  • to find security flaws and vulnerabilities in all fields and implement security needs/standard for individual companies, organizations and governments.
  • to design and implement IT security projects and networks
  • to realize complete IT project planning and management for our clients
  • perform vulnerability assessments for web sites and portals with databases, online transactions and data collection features