Security Assessment

Protecting against both technical and human vulnerabilities by going beyond conventional network vulnerability scanning.

Identifying Security Deficiencies

Your information security program must include safeguards designed to protect against both technical and human vulnerabilities. Because a security program incorporates more than just the network, best-practice guidelines suggest testing should go well beyond conventional network vulnerability scanning.

Rudrah LLC Security Solution

Our Security Assessment is designed specifically to meet regulatory requirements and address the needs of any size organization. To determine the adequacy of your existing security controls and to identify security deficiencies, our assessment provides a thorough examination of your networks. The assessment process is managed through a web-based portal that is designed to provide convenient access to a variety of tools used to continuously assess the three core components of an information security program – people, processes, and technology.

Key Service Activities

Comprehensive Security Assessment services include:

  • Internal and external port scan
  • An internal and external network vulnerability scan
  • Asset classification assistance
  • Policy reviews
  • Policy awareness reviews
  • In-depth regulatory and/or best practice review
  • Regulation call to assist with self-assessment
  • Network topology review
  • C2C portal system setup and implementation
  • Internal network vulnerability review
    • False-positive reduction of scan data through manual third-party review
    • Validation of false-positive review through manual third-party analysis
    • Advanced manual vulnerability analysis to determine vulnerability severity
  • Security countermeasure review (antivirus, firewall, access control, etc.)

When conducted onsite, the assessment will also include:

  • Identify wireless access points, including rogue
  • Physical security review
  • Dumpster diving at the main facility
  • Offsite consultation and remediation strategy

Assessment Result

Assessment results are provided in an extensive report containing:

  • Project overview
  • Comprehensive security assessment methodology
  • Executive summary
  • Prioritized internal and external network risks and recommendations
  • Regulatory compliance analysis
  • Information security policy analysis
  • Executive-level PowerPoint of assessment
  • Differential reporting
  • Appendix

Other Services

On-going services, via our web-based portal, include:

  • On-demand generation of comprehensive reports
  • Unlimited client-executed scans with third-party remote false positive validation
  • Regulatory compliance and security assessment evaluation metrics through self-assessment
  • Automated policy development software and policy management
  • Automated training development software and training management, including access to security awareness training content

Talk to An Expert

Rudrah LLC offers custom security assessment options tailored to your organization’s needs and budget, including a security assessment that is performed remotely. Contact us today!

Contact