The employee at the desktop actually poses the most threat, often unwittingly, and is the greatest security risk to your organization. In 2006, the Computer Security Institute (CSI) found that more than half of computer incidents did not originate on the Internet, but rather on the local area network. This often happens in the physical realm, as is the case with unlocked workstations, password sharing, and unlocked server rooms. However, a disgruntled employee who has simple knowledge of a vulnerability and with access to the Internet can easily download any number of tools to plant Trojans, capture data, or exploit your network vulnerabilities. This problem is compounded if the internal user is advanced or has been trusted with internal administrative access. However, your risks don't stop there, and neither does Solutionary's internal vulnerability assessment.
Solutionary's internal vulnerability assessment evaluates the effectiveness of your internal security controls, internal monitoring and security administrative practices. Additionally, we recognize that compliance is motivating organizations to gain better visibility into their security posture and operational controls, and to report against security policies and controls. Solutionary can help you on all counts.
Solutionary offers vulnerability assessments in three different modes: blind (no previous knowledge), full disclosure (full knowledge) or partial (some knowledge; blended approach) disclosure. This allows you to scale the assessment to your tactical and/or your strategic needs.
Our internal vulnerability assessments can be performed on a scheduled basis or on demand.
- Solutionary's services are performed only by experienced and credentialed security professionals, most of whom are CISSPs. We participate in industry associations such as InfraGard, OWASP and OSSTMM open source forums. All this is put to work for you; we go beyond the basic vulnerability assessment.
- No need to incur the costs of purchasing, maintaining and running scanning tools.
- Solutionary provides dedicated expertise to focus on the newest vulnerability and remediation approaches.
- Solutionary can accommodate a blended internal and outsource assessment approach, and coexist with and reinforce existing resources, vulnerability management processes and data sources.
- Solutionary's flexible approach is scaled to meet your business requirements. This allows you to reduce the time and cost associated with testing your environment.
- We diagnose the root cause of your security issues, not just treat the symptoms, which will ensure the overall success of your security program.
- Solutionary supports the assessment, process documentation and reporting formatting required to meet multiple management, operational and compliance requirements.
Solutionary provides reports for both the management and the technical side of the business. We identify existing and potential security vulnerabilities on your network and include explanations of the vulnerabilities and associated risk as it relates to your business along with actionable recommendations to address the issues.
- Prioritization - We tell you which issues to fix first, how fast you should take action, and the extent of the issue and the depth of the solution.
- Specifics - Solutionary is as specific as possible when identifying issues and observations so you can treat the root cause of your security issues, and provide tailored recommendations specific to your environment.
- Plain Language - You'll get clear, concise language and documentation that explains issues directly, minimizing jargon and technical language without oversimplifying.
- Verifiable Results - Do you want to know when you have successfully fixed an issue? Solutionary can validate improvements from your current state to the desired state, and provide guidance on how to self-validate your results.
At Solutionary, we make security manageable.
|
|
