Cybertrust offers the following technical assessments on a one-time or ongoing basis.

System and Network (internal and external)

• Assesses both the physical and electronic aspects of your environment.
• Incorporates three specific analyses, including comprehensive asset identification and classification (scoring) of systems in both the perimeter and across the internal corporate networks; targeted vulnerability scans across both environments; and wireless "walk-through" assessments.

For more information about a programmatic approach to assessments, click here.

Internal Corporate LAN Assessment

• Discovers active IP enabled devices.
• Identifies configuration details of each active device.
• Conducts scans of critical and Trojan ports.
• Classifies and scores each device.
• Targets vulnerability testing-based device scoring.

Internal Perimeter Assessment

• Discovers active IP-enabled devices.
• Identifies configuration details of each active device.
• Conducts ports scans.
• Classifies and scores each device.
• Tests the vulnerability levels of all active IP-enabled devices.

On-Site Information Security Examination and Validation

• Areas of coverage include:
      -  Physical perimeter
      -  HVAC systems
      -  Power distribution and UPS systems
      -  Hardened routers and/or firewalls
      -  Configuration of critical web server(s)
      -  Configuration of the e-mail server
      -  Operational Management Policies and Procedures
      -  Remote Administration Mechanisms

Application Vulnerability Assessment

• Examines the entire application lifecycle, providing a complete assessment of your web or externally accessible application.
• Includes input validation, access controls, forceful browsing, cookie manipulation, session management, encryption, password policies, information disclosure, known vendor vulnerabilities and code reviews (if applicable)

Wireless/VOIP Security Review

• Analyses your location’s wireless/VOIP environment in order to identify, assess and minimize risk.
      -  Do all wireless/VOIP networks have appropriate security configurations?
      -  Is encryption in use?
      -  Are SSIDs identifiable and broadcasted?
      -  Have rogue access points been established?
      -  Is there a wireless/VOIP LAN policy in place, and is it being enforced?
      -  Are devices on wireless/VOIP connections using personal firewalls and updated anti-virus software?