IT Security is in the business of making environments more secure. As we live in our world today, we are guided to meet compliance of industry specific regulations. However the Hackers have identified MANY vulnerabilities which expose our environment to issues which are not part of the compliance model.
This is where IT Security can bridge the cap between Compliance and Security. We offer complete auditing and assessment services as well as remediation to bring the organization into a better security posture. We review our clients' security of network, servers, applications and data; we provide them with a Security Assessment Report including security vulnerabilities and recommendations to secure their systems and data. Our Security Action Plan provides a prioritized risk response executive summary of tasks that eliminate or reduce our clients' security risks.
IT Security Services Categories
- ISO27001 Certification Consultancy Services
- Security Audit & Assessment Services
- IT Audit
- Penetration Test & Ethical Hacking
- Web Application Security Assessment
- Wireless LAN Security Assessment
- Computer Forensic Services
- Information Security Training
- Others Services
- Possession of Certifications
ISO27001 Security Services Categories
We ensure that senior management are fully engaged and support the process so that activities are planned and risk criteria is completed against which an organization will progress. The criteria will be agreed with you to ensure that the risk appetite of the your organization is well understood in the context of your operating environment.
Our ISO27001 consultancy services include:
- ISO27001 gap analysis
- ISO27001 ISO documentation development support
- ISO27001 lead implementer and lead auditor training
This allows the Information Security Managed System (ISMS) to identify and prioritize key risks across the organization.
The advantages of ISO27001:
- Business differentiation
- Definition of secure operating processes and procedures
- KPI establishment to understand the security ROI
Security Audit & Assessment Services
We develop a test plan tailored to meet the needs of customers for the execution of non-intrusive security assessments. Full documented procedures of testing, findings, results and recommendation will be provided to customers.
- Tailor made for Customer Requirement
- Non-intrusive Way
- Identify Potential Risks
- Technical
- Operational
- General Control Review
- Deliverables
- Documentation
- Evaluation Methods, Procedures, Findings, Results & Recommendations
- Presentation
IT Audit
We develop a test plan tailored to meet the needs of customers for the risk based audit approach or COSO. Full documented procedures of testing, findings, results and recommendation will be provided to customers.
- Tailor made for Customer Requirement
- Risk based Audit Approach or COSO
- Technical
- Operational
- IT Organization
- Deliverables
- Documentation
- Evaluation Methods, Procedures, Findings, Results & Recommendations
- Presentation
Penetration Test & Ethical Hacking
We develop a test plan tailored to meet the needs of customers for the execution of intrusive penetration test. Full documented procedures of testing, findings, results and recommendation will be provided to customers.
- Tailor made for Customer Requirement
- Using Hacker Methodology & Tools
- Simulate *TRUE* hacking attacks
- Simulate Internal & External Hackers
- Intrusive or Non-Intrusive Approach
- Deliverables
- Documentation
- Evaluation Methods, Procedures, Findings, Results & Recommendations
- Presentation
Web Application Security Assessment
To help customer assess the web based application security using black box approach. Common web application security would be assessing in order to let customer understand the issues and provide recommendation to fix their applications.
- Identify Weakness in Web Applications
- Cross Site Scripting (XSS)
- SQL Injection
- Session Hijacking
- Weak Authentication
- Dirty Configuration etc
- Black Box or Write Box Approaches
- Intrusive or Non-Intrusive Options
- Deliverables
- Documentation
- Evaluation Methods, Procedures, Findings, Results & Recommendations
- Presentation
Wireless LAN Security Assessment
We will develop a test plan tailored to meet the needs of customers for the WLAN security assessments. Rogue and Evil Twins access point can be identified and located. Security settings in wireless will be evaluated.
- Identify Weakness in Wireless LAN Deployment
- Identify Rogue Access Points
- Determine the Security Configuration of Access Points
- WEP Key Cracking Test
- Deliverables
- Documentation
- Evaluation Methods, Procedures, Findings, Results & Recommendations
- Presentation
Computer Forensics Services
Provide forensic imaging, data recovery & analysis and investigation services. Investigation scope covers disk, network, internet, email etc. to identify the source of problems and provide recommendation for further analysis and remediation.
- Investigation of Computer Crime, Policies Violation, Intrusion and Fraud
- Identify source of problem
- Scope includes
- Network, System, Internet, Email, Mobile Phone, PDA etc.
- Services include
- Forensic Imaging
- Data Recovery
- Data Analysis
- Deliverables
- Investigation Report
- Evaluation Methods, Procedures, Findings, Results & Recommendations
- Presentation
Information Security Training
Provide information security training such as IT Security Awareness, Ethical Hacking, Computer Forensic, CISA, CISSP, CEH, CHFI, CIFI and customized training content to fit customer’s requirement.
- Tailor Made for Customer Requirement
- Standard Security Training Courses include
- Information Security Awareness
- Ethical Hacking
- Computer Forensic Investigation
- CISSP
- CISA
- CISM
- CRP
- ITIL/ISO20000
- ISO27001
- Writing Secure Code
Other Services
- Business/Technical Consultation
- Pre-Audit Rehearsal
- System & Network Hardening
- Security Solution Implementation
- Security Policies Development
For more information, please kindly contact our Sales representatives by Whatsapp +85254839525 or click HERE.