Information Security Assessments

Because of the constant threat of new viruses, worms, and other cyber threats, assessments of existing security programs are necessary. An Information Security Assessment (ISA) is a professional services consulting engagement with the specific goal to examine and review the existing network security vulnerabilities and risks inherent in your environment. The review concentrates on establishing a "snapshot" of the current network architecture and network security vulnerabilities, the current security posture, in-place security controls, documented corporate policies, day-to-day procedures in use, and the functional implementation of security capability.

Two essential elements of a successful assessment are penetration testing and vulnerability assessments. Dynetics' Information Security Assessment addresses three basic environmental components: network security, business risk/compliance, and IT operations.

All of this is done with the current knowledge of the threat from the Intelligence Community and a comprehensive intelligence report defining the threat and giving the rationale.

Penetration Testing

Penetration testing is an authorized engagement to attack your network environment with the purpose of defeating the in-place security mechanisms and controls, thereby gaining access to the network, connected servers/hosts, websites, voicemail, and networked systems. It is focused on testing your computers/servers connected to the Internet, not just your website. Our certified hacking analysts explore your connections to the Internet, checking for vulnerabilities and potential "holes" that could be used by hackers to gain access to your internal environment. By reviewing your Internet presence, we can identify and minimize the impacts to your business. We check and analyze more than 100 typical sneak paths into your network.

We review and examine your Internet-facing external network with the latest vulnerability scanners, both purchased and open source, following industry best practices and techniques to identify potential vulnerabilities and security-related conditions. Scanning targets include web, FTP, and other servers; firewalls and VPN devices; and other typical Internet-facing network equipment. We examine web portals, e-commerce applications, online ordering/billing processes, customer interfaces, hosted web email, and other potential conduits during our penetration testing activities. Examination of your online presence allows for the identification and mitigation of potential issues and vulnerabilities before their exploitation causes harm to your operations.

Network Security Health Check

Your network is the heart and soul of your daily operations, customer satisfaction, and revenue generation. Dynetics will work with you to gain a thorough understanding of your business objectives, allowing us to fulfill your current technology needs, as well as helping you ensure that your investment positions your business for future growth and success. The purpose of the Network Security Health Check is to assess the security and health of your network. This activity focuses on the following items:

  • Assessing the security at the core, distribution, and access layers
  • Assessing the security of services such as IP voice, IP video, and email
  • Verifying the proper implementation and configuration of controls necessary to protect services from unauthorized use and information from unauthorized disclosure
  • Evaluating the existing design architecture and configuration of the network in accordance with "industry best practices" to include such things as high availability, separation of services, quality of service, etc.

Firewall Configuration Technical Analysis

An improperly configured firewall effectively negates any cybersecurity protection expectations. Firewalls are the first line of defense in providing security and protection to a corporate network. A single keystroke error, an unpatched operating system (OS), or some other simple error can often lead to a compromise. It is crucial to make sure your firewall is doing what you expect it to do to protect your network.

Our Firewall Configuration Technical Analysis provides an in-depth technical review of your existing firewall rule set, an identification of potential shortcomings and possible errors, and recommendations to correct and mitigate these problems. Our detailed Technical Analysis Report identifies misconfigurations of rule sets, corrective recommendations, and references/resources.

Website Security Check

Risk of unauthorized access to your website and its compromise can lead to disclosure of sensitive data (corporate and customer), defacement resulting in corporate embarrassment, and potential access to your internal network.

Dynetics' Website Security Check and analysis is designed to minimize your risk of website compromise and potential disclosure of sensitive information. This effort conducted from our office focuses on your website and checks for website vulnerabilities commonly used by hackers. Our Website Security Report contains analysis results, vulnerabilities identified, status information, and mitigation actions.