Review the safety performance of IT systems and networks
Technical analysis of the safety level of IT systems and networks. Complete investigation of the hardware/software systems for security vulnerabilities. Simulation of potential attacks from internal and external perpetrators (intranet, internet). Detection of security vulnerabilities of IT by our holistic analysis process that includes a complete and conclusive investigation path and in particular includes the following sub-processes:
Information Gathering
- Foot-/Fingerprinting: Obtaining information on the entire Hardware-/Software-System (Black-box, White-box)
- Network analysis
Vulnerability Detection and Verification
- Vulnerability scanning: review of the entire hardware-/software-configuration to leaks and covert security bugs (security configuration) and verification of vulnerabilities
- Analysis of firewall rules
- Review of the encryption in networks (WLAN, LAN, WAN) and on servers
- Exploiting known vulnerabilities
Reporting
- Development and review of security strategies: password policies, e-mail policies, firewall, server policies, security mechanisms, security policies etc.
- Determination of safety levels
- Presentation: Preparation of progress (fully documented) results, final report of all investigations with a recommendation for action to enhance security levels
- Conclusive documentation with recommendations to enhance security levels
- Supporting the development of preventive security measures to attack defense and prevention of abuse cases and in the development of a cyclical auditing process to increase the resistance value of IT to continuously and sustainably
