The smartNETGUARD Comprehensive Security Assessment and Third Party Validation Program includes but is not limited to the following:
Security Assessment Key Activities :
- Identify recent changes with the network infrastructure, IT staffing, and external connectivity.
- Gather most current security policies and procedures.
- Identify points of entry to the network and systems architectures.
- Identify critical applications and databases.
- Define the scope of vulnerability scanning and “friendly” exploitation testing.
- Perform external/internal vulnerability scanning and “friendly” exploitation testing at Client's discretion.
- Review vulnerabilities with Client stakeholders.
- Establish a security baseline against which to measure future assessment.
- Create ASQ ranking for all identified devices
- Conduct a facilitated risk identification and mitigation session.
- Document the business impact of each vulnerability with our Client's assistance.
- Assign severity levels to each vulnerability.
- Create / update corporate security policy to reflect desired posture.
- Audit systems for compliance to corporate security policy, created by deSABRAN, with key Executives
- Document corrective actions to eliminate vulnerabilities and estimate level of effort required for remediation
Please contact us to request a sample deliverable security assessment report
|
