Security Assessments
A security assessment is a method of evaluating security by comparing a company's security controls against a known standard to answer two key questions:
- Are the controls currently in place in my environment reasonable and appropriate?
- Are the controls currently in place in my environment effective?
Based on standards, customized to meet your needs
Jacadis assigns an experienced team the objective of reviewing your existing security plan and controls against a standard (or standards).
Our experience allows us to expertly work with a variety of standards, applying one or more standards to each test. Typical standards used in security assessments include:
1. PCI DSS 2.0
2. HIPAA / HITECH
3. NIST 800-115 for FISMA compliance
4. OWASP
The best place to begin is:
- Security Plan and Controls Review and Assessment: The core foundation of any security assessment is the selection of a security standard and its application to your existing security plan and controls.
Other tests may be applied to the information gathered to fully execute a Security Plan and Controls Review and Assessment, or they may be executed on their own to answer concerns about your security environment.
These tests include:
- Network Security Assessment: Identifies vulnerabilities that an attacker could use to gain unauthorized access to internal systems. Projects are scoped based on internal and external attack vectors and numbers of targets on the network.
- Wireless Security Assessment: Identifies and exploits vulnerabilities that an attacker could use to gain unauthorized access to internal systems through known and unknown (rogue) wireless access points. Projects are scoped based on number of locations and number of access points.
- Web Application Vulnerability Assessment: Identifies and exploits vulnerabilities that an attacker could use to gain unauthorized access to web applications or the infrastructure supporting them. Projects are scoped based on number of applications and transactions within the application.
- Physical Security Assessment: Identifies and exploits vulnerabilities that an attacker could use to gain unauthorized physical access to internal systems or physical information assets. Projects are scoped based on number of locations.
- Social Engineering Assessment: Identifies and exploits vulnerabilities that an attacker could use to gain unauthorized access to internal systems through the application of social engineering attacks on employees or social media properties.
- Custom Security Assessment: Jacadis provides penetration tests of other form factors. Talk to us about your organizational needs for scoping information.
