Technical Security Assessments
MCSB’s technical security assessments ensure that each level of your organization’s information infrastructure meets your information security objectives.
MCSB uses state-of-the art tools, deploying experienced professionals and industry security best practices and standards to create a focused gap analysis that identifies areas of high risk and recommends correction efforts.
MCSB’s assessment services range from corporate-wide evaluations to individual program and code-reviews, including:
Vulnerability Assessment and Penetration Test
Our network vulnerability assessment identifies known network vulnerabilities using the most sophisticated techniques available in the market.
Mimicking a dangerous intruder, MCSB gathers network and device level information, runs automated scanning tools, and uses extensive manual testing to discover and verify network vulnerabilities.
Application Vulnerability Assessment
MCSB’s application vulnerability assessment identifies security vulnerabilities by reviewing and probing an application’s security parameter and controls.
This ‘black box’ security testing approach examines an application’s run-time or user behavior using a variety of techniques customized for each application type.
Examples of some Application Vulnerability Assessment tests include the following:
• Testing the ability to replay authentication data
• Looking for exposure of sensitive data on servers
• Attempting to exploit encryption algorithms
• Taking advantage of inadequate input validation controls
• Exploiting buffer overflow vulnerabilities
• Examining database connectivity and queries
Detailed Security Assessment
MCSB reviews and analyzes network and server configuration, network solutions, adherence to policy, and verifies consistent configuration implementation.
Through administrator level (with real username / password) analysis and interviews with persons responsible for managing the environment, our security consultants assure the technical configuration meets the customer’s business and security standards.