 |
McDowell Associates LLC.
has a proven methodology and experience in
performing the following types of security assessments. |
| |
|
| |
 |
Application Testing -reviews the logic structure, code, methods of access and
authentication mechanisms of your web-based applications. Testing for SQL injection, Cross-Site
Scripting (XSS) and many other web application attack vectors. |
| |
|
|
Network Testing -provides external and internal vulnerability and penetration
assessments, VPN vulnerability and penetration tests and an
analysis of VoIP within your environment. |
| |
|
|
Wireless Security - identifies weaknesses and vulnerabilities specific to your
wireless infrastructure. |
| |
|
|
System Hardening - tests for the hardening configuration of the operating
systems in use within your environment. |
| |
|
|
Mobile Laptop - tests for the hardening configuration of the laptop
hardware, encryption and operating system in case of loss or
theft. |
| |
|
|
Social Engineering / Physical Security - tests for unauthorized access into your companies buildings
and networks or systems via various methods. |
| |
|
|
War Dialing - identifies unauthorized modems that provide access to your
network and then attempts to exploit your network through
illicit devices. |
|
| |
|
| |
In addition, we can provide specialize services to combine
several services into a security assessment package. For example, we could provide you with a Zero
Knowledge assessment to gather information on your network
infrastructure from an external perspective to determine what's
available over the internet via public source information. We can
then combine that with an internal network assessment to perform
vulnerability and/or penetration testing against network resources
from an insider perspective and finally would would perform an
external network assessment with full knowledge of the
infrastructure. |
| |
|
| |
All of our assessments include : |
| |
|
| |
|
A face-to-face presentation of findings
and recommendations (where applicable). |
| |
|
|
An executive summary that examines the
overall assessment process and results including highlights of
specific high priority vulnerabilities and findings. |
| |
|
|
A management summary that groups,
categorizes, and ranks vulnerabilities by severity level, as
well as recommends mitigation techniques and time/resource
requirements. |
| |
|
|
Technical reports which include detailed
processes and/or findings from each phase of the assessment.
This report includes technical mitigation recommendations,
technical process improvements and recommendations on proactive
mitigation strategies, depending on the situation. |
|
| |
|
| |
Please contact us for your Security Assessment needs. |
| |
|
| |
|
