Network Vulnerability Assessments
 
A network vulnerability assessment offers a midway step between a network penetration test and a full security audit. By focusing only on identifying and assessing vulnerabilities, you gain the benefit of having your entire network reviewed without the expense that a full security audit entails.
 
There are several components to a vulnerability assessment and their inclusion is determined on a client-by-client basis. These components include:
 

• Scanning and identifying externally available services;

• Checking for service misconfiguration;

• Network penetration test of your network perimeter;

• Testing for dial-in modem;

• Wireless network detection and monitoring;

 
We also focus on SANS/FBI Top Twenty list of the most critical vulnerabilities on Internet.
 
Results of your network vulnerability assessment will be documented in a report that will identify and prioritize vulnerabilities associated with your network, and provide recommendations on how improve the security of your network.
 
Security Audits and Topology of Network
 
Effective security audits are the cornerstone of any proactive security strategy. By identifying weaknesses in your network and practices now, you can mitigate them so they won't become problems later.
 

• You gain the following benefits:

• An independent evaluation of your security;

• Consultants with solid security experience;

• A confidential service you can trust;

 
When we conduct your security audit, we begin with a network penetration test and a network vulnerability assessment.
 
Next we perform a site inspection, assessing your physical security and your network architecture, identifying vulnerabilities, and reviewing your current policies, practices and procedures.
 
Finally we document the result in a report, detailing our findings and analysis and providing detailed recommendations for improving computer security in your organization.
 
Security Policy Development
 
The primary goal of an information security policy is to communicate to an organization the principle that information is a valuable asset and that everyone is responsible and accountable for protecting it.
 
At its core, a security policy is representation of your information security requirements, personnel guidelines and personnel responsibilities.
 
Your policy development is usually done in consultation with a number of your staff from both the business and the IT side. This ensures that your policy is both comprehensive, yet practical.
 
The first step in developing your information security policy is to assess your business needs. This covers areas such as business objectives and network requirements.
 
The next step involves assessing the risks involved in meeting those business needs and establishing procedures to counter those risks. For example, if running an e-commerce server is part of your business needs, how much risk is involved if that server is Microsoft IIS and is patched on an ad-hoc basis? Does your policy require guidelines for IT to apply patches within 24 hours of their release?
 
The final step is to formally write the document and to have management approve and adopt it.
 
Computer Investigations
 
Our computer investigation services can assist your organization in investigations where computers have been used in the commission of criminal offences, theft of intellectual property, fraud, and civil lawsuits.
 
Our investigative services include:

• Emergency incident response, analysis of compromised systems, Internet tracing

• Forensic analysis of computer disk drives, flash camera cards, USB drives and any magnetic medias (phones, PDAs etc.)

• Monitoring of suspicious network activities or internal employees

• Data recovery to retrieve deleted, hidden or encrypted material, recovery of internet activity, chat or chat fragments; email recovery and analysis

• Network and computer monitoring in connection with children

• Keystroke logging & recording, keystroke logging detection and protection