CSAC (CresTech Security Assurance Center) offers a service “Network Security Assessment” which covers both external and internal network assessment. This service comprises of Identifying Vulnerabilities with-in your Infrastructure by testing it both form inside the network and outside the network, patching those vulnerabilities and mitigating them for future course. We also asses the compliance of your network to a given security standard.
CSAC has a developed a proven methodologies for conducting “Network Security Assessment” exercise. Our methodology, including our software tools, has been developed based on conducting a number of network security reviews at clients with complex and large processing environments.
On broad level we conduct following activities as part of our Network Security Assessment service
• Application audit
• Network audit
• Network Architecture audit
• Network devices audit – Routers, Switches
• Security devices audit – Firewalls, IDS, IPS
• Server Audit
• Linux and Windows based Web, Mail, Database, FTP, NFS, Authentication servers
• Audit Reports & Recommendations
• Present Audit reports and recommendations
• Finalize Patch Management plan with Client
• Prioritize patches based on Vulnerability Criticality
• Client’s business requirement
• Ensure patches do not have side affects
• Deploy patches in test environment
• Roll out patches in live environment
Evaluation of the infrastructure compliance to policies, procedures, guidelines and checklists enforced by the management. Alternatively, CresTech can also conduct an audit to establish the organization’s compliance to industry standards like PCI, ISO 27001, etc.