Organizations of all sizes are constantly analyzing their business risks and establishing risk-management steps that are consistent with their business. Sometimes this is performed in a structured manner, other times is ad-hoc and applying common-sense. In all cases, Risk Management techniques are based on assessing the organizational ASSETS, THREATS, VULNERABILITIES and IMPACT of lose of these ASSETS.
GLESEC through its well established External Security Assessment (ESA) and Internal Security Assessment (ISA) methodologies address the electronic form of Risk Management focusing on the vulnerabilities as seen from the Internet and from within the organization's internal network.
GLESEC experts perform discovery and tests of the organizational systems generating a detailed as well as an executive view of the VULNERABILITIES encountered along with recommendations for fixing those (re-active mode) as well as, when applicable recommending more pro-active steps.
GLESEC Security Assessments are classified as:
- External Security Assessment – Also known as a penetration test, this study will follow standard methodology and “hacker-like” tools to evaluate the “point-in-time” of the security of a client network from the Internet.
- Internal Security Assessment – This study is conducted from within the organization and also follows standard methods to discover > gather > correlate > analyze > recommend and report on the findings.
- Wireless Security Assessment – More and more organizations are deploying wireless technology making this a critical test to determine the state of security from the wireless point of view and pro-active recommendations to strengthen it if needed.
- Dynamic or Cyber-Attack Evaluation – The Cyber-Attack Evaluation provides clients with a view of their active traffic coming and going from the Internet to their corporate network identifying potential dangerous activity in executive level terms. This is a perfect complement to the ESA and ISA studies.
- Security Assessment Program – This program is designed to provide organizations with an ongoing turnkey solution for management of their security assessments on a one, two and three year engagements.