Protect
DigitalDefence’s PROTECT services will help you to identify hidden security threats in your network, and understand their true impact on your organization. This knowledge will help you to build an effective security plan, and act before you become the victim of a security or privacy breach.
Physical Security
Our physical security experts can provide an objective review of your physical security against relevant industry standards and local regulations. Key areas assessed include:
- Safety of all personnel
- Facility security, including access controls and environmental protection
- Operational controls and security awareness for employees, contractors, and visitors
- Social engineering
Infrastructure Security
An infrastructural assessment is an evaluation of your organization’s current technological environment from a security perspective. It includes:
- Review of system architecture and technologies, including secure remote access
- Secure use of emergent technologies (e.g.: wireless, VoIP, virtualization, cloud computing)
- Vulnerability and security patch management programs
- Trial and Evaluation of security hardware and process in DigitalDefence’s T&E lab
Penetration Testing
During a penetration test, we simulate the actions of a hacker to validate weaknesses in your network.
- Verified Vulnerability Scanning to eliminate false-positive results
- Penetration testing of physical and logical networks, both wired and wireless
- Training in conducting scans and penetration tests to support business objectives
- Development and documentation of an auditable vulnerability assessment process
Web Services Security
Your website is the public face of your company; it’s also the most vulnerable application due to its exposure to the Internet. DigitalDefence secures websites, using:
- Threat modeling
- Source code analysis
- Review of network architecture, including underlying operating systems, applications, and connected databases
- Vulnerability scanning (OWASP compliant)
- Penetration testing, including deep analysis of business logic vulnerabilities
Application Security
Application security refers to the measure’s taken throughout an application’s life cycle to ensure the security of the application and its data. Our analysis of an application includes:
- Threat modeling
- Source code review and automated analysis for vulnerabilities
- Vulnerability scanning and penetration testing of the application, including customized input fuzzing
- Secure developer training workshops
- Development and implementation of a secure software development lifecycle, sSDLC
Security Audits
A security audit is a systematic and measurable assessment of a network or application against a defined standard. DigitalDefence conducts the following security-focused audits:
- Pathfinder audit - set your security baseline
- Third party / vendor audit
- PCI readiness audit
- Endpoint security audit
- Data leakage audit
