Security Audits & Assessments

Regulatory Compliance Audits

A growing body of regulation imposes enormous burdens on institutions to safeguard their information systems, transaction processes and sensitive databases. Among them are Sarbanes-Oxley (SOX), ISO 27001, Gramm-Leach-Bliley Act (GLBA), Fair and Accurate Credit Transactions Act (FACTA), and the Health Insurance Portability and Accountability Act (HIPAA).

Security Health Check

The Network Security Health Check provides a snapshot of an organization's overall security program. The assessment includes perimeter, internal systems, data backup and patch management, and leverages best security practices as well as our expertise and broad-based knowledge of the security industry.

Web Application Assessment

Security breaches have far-reaching impacts that range from remediation costs and damages payable to victims, to the incalculable toll of negative publicity and lost business. A September 2009 report published by the SANS Institute indicates:

• Web applications constitute more than 60% of total attack attempts on the Internet
• More than 80% of vulnerabilities arise from SQL injection and Cross-Site Scripting flaws in both open source and custom-built applications.

Wireless Assessment

The Computer Security Institute recently reported that, while all forms of cybercrime are costly to victimized businesses, wireless exploitation captured first place in 2009 at an average cost of $770,000 per incident. The good news is that the volume of wireless exploits declined to 7.6% in 2009, down from 14% the previous year—no doubt aided by the growing popularity of wireless/Wi-Fi security assessments.