Schedule a free consultation to discuss your specific security needs and concerns today!
Our Security audits are much different than what you would find on the internet. Because we have direct access to your servers, we are able to test more thoroughly. We also include the standard and extended penetration testing that other security firms offer. Our Advanced Security audit includes an examination from a Network Security Engineer, an Application Security Engineer (ColdFusion, WordPress, etc.), and a Database Engineer (SQL, MySQL).
The first thing we do is limit access to ports, shrinking the attack surface to its smallest point. Then we focus on the point that is susceptible, and we make it look like it's somewhere else (CDN). We give the option to add WAF services, and we secure e local server to the CDN. We do a follow up penetration test and make sure that every port is closed, unnecessary services aren’t running, and that TLS/SSL encryption is at its optimal level. We check OS updates, application patches, backups, antivirus, etc. We also investigate your logging and event viewer history, and make sure they keep adequate history.
If you’d like to speak with a representative about which plan is right for you, feel free to contact us.
|What’s included (Base pricing only includes up to 3 servers)|
|Define and discuss current issues and create a comprehensive acton plan.|
|Evaluate and document Server(s), Applications, and security requirements.|
|Secure/Separate Management Access (VPN, Source IP Lockdown)|
|Disable unnecessary services on your Application/Database server(s)|
|Lock Down Public IP(s) ports on the WAN edge|
|Evaluate/Secure Layer7 (SSL/TLS) (Protocol and Ciphers Best practices)|
|Verify current Antivirus installation and version (EICAR TEST)|
|Disaster Recovery/Backup checks with restore verification|
|Code and Application inspection for performance and vulnerability issues|
|Web App inspection for performance, and vulnerabilities. Updates & Patches|
|Evaluate OS resource usage and System logs for issues. Updates & Patches|
|Penetration Testing, vulnerability Scanning, SQL injection scanning.|
|Port scanning and intrusion testing|
|Cross site scripting Vulnerability testing|
|PDF Report of Penetration scans|
**Note** All scans include assistance in the remediation of any findings