Network Assessment (starting from 2 hours)
- Identification of vulnerabilities in services visible on the internet (service disruption, database vulnerabilities).
- Mapping of physical access to the company's internal network for intrusion prevention.
- Security of wireless networks.
Security Awareness (starting from 1 hour)
- Staff awareness of the company's cybersecurity guidelines.
- Use of personal devices, personal networks, USB devices, etc.
- Remote work practices
Intrusion Path Analysis (starting from 1 hour)
Security testing of company buildings for official classification.
Examination of the entire building; doors, windows, roofs, walls, surveillance cameras, etc.
System Analysis (starting from 9 hours)
Security mapping of services, from application service level to public services.
Configuration of the environment regarding security. Examination of incoming and outgoing connections.
Security mapping of web services and related interfaces.
- Data processing
- Identification
- Session management
- Access control
- System protection
- Performance
The protection of all mapping areas consists of a set of security controls, the operation of which is reviewed. The mapping also takes into account the legal requirements for the protection of the system and its information.
The assessment also considers the operating systems of servers, their versions, features of application servers, and the programming language of web services. In addition to manual review, the assessment uses automated scanners.