Protect

All organizations face a certain level of risk due to threats that result from natural events, accidents, and intentional acts to cause harm. Regardless of the nature of the threat, there is a responsibility to limit or manage risks from these threats.

DigitalDefence’s ASSESS services will help you to identify hidden security threats in your network, and understand their true impact on your organization. This knowledge will help you to build an effective security plan, and proactively respond before you are the victim of a security or privacy breach

Regular assessments of your organization will allow you to:

• Reduce costs – fewer security incidents mens less down time, less compensation payments, and less litigation
• Support your business strategy and objectives
• Establish realistic expectations for security and develop a reliable and actionable information security and privacy strategy
• Prioritize security efforts
• Identify systems that are vulnerable to attack, or that may already be compromised
• Reduce vulnerabilities that could expose your data
• Improve your ability to detect and respond to network attacks
• Increase the availability of your network; eliminate expensive downtime
• Justify security programs by raising awareness about corporate liability to all levels
• Assist in developing a “culture of security” within your organization

Our Methodology

Before we begin testing, DigitalDefence security project managers will sit down with you to design the format of the final deliverables – we don’t rely on dumps from commercial tools or pre-populated templates; instead, we are focused on meeting the unique requirements of each particular test.

Once we have agreed on the deliverables, DigitalDefence begins testing using its highly creative and effective methodology, which incorporates and supports globally accepted standards, such as the:

• US National Security Agency (NSA) guidelines
• US National Institute of Standards and Technology, NIST
• Microsoft Security guides
• Open Web Applications Security Project, OWASP
• Open Source Security Testing Methodology Manual, OSSTMM

When testing is complete, DigitalDefence delivers the final report. Our goal is a report that provides verifiable results with a minimum of jargan. It will emphasize specifc findings, and include a management summary highlighting areas requiring improvement and their respective business impact, as well as technical findings, including:

• A detailed network or application map
• A list of all identified vulnerabilities, organized according to severity
• A prioritized action list
• The specific means to mediate each identified vulnerability
• Conclusions, including both long-term strategic solutions as well as tactical “fixes”