Security Assessment Services - SecurePoint 360, LLC

[cs_content][cs_section bg_color=”rgb(233, 231, 231)” parallax=”false” separator_top_type=”none” separator_top_height=”50px” separator_top_angle_point=”50″ separator_bottom_type=”none” separator_bottom_height=”50px” separator_bottom_angle_point=”50″ class=”cs-ta-center dark-section” style=”margin: 0px;padding: 75px 0px 33px;”][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/1″ style=”padding: 0px;”][cs_element_headline _id=”4″][cs_element_button _id=”5″][x_raw_content style=”margin: 1em auto 0;max-width: 35em;color: #fff;”]
[/x_raw_content][/cs_column][/cs_row][/cs_section][cs_section parallax=”false” separator_top_type=”angle-in” separator_top_height=”50px” separator_top_angle_point=”50″ separator_bottom_type=”none” separator_bottom_height=”50px” separator_bottom_angle_point=”50″ style=”margin: 0px;padding: 4px 0px 45px;”][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/1″ class=”cs-ta-center” style=”padding: 0px;”][cs_text class=”cs-ta-center”]

Customize, Subscribe & Save!

[/cs_text][x_raw_content][go_pricing id=”secassess_5a5593_5a56db8a4efba”][/x_raw_content][cs_pricing_table columns=”3″][/cs_column][/cs_row][/cs_section][cs_section bg_color=”rgb(233, 231, 231)” parallax=”true” separator_top_type=”none” separator_top_height=”50px” separator_top_angle_point=”50″ separator_bottom_type=”none” separator_bottom_height=”50px” separator_bottom_angle_point=”50″ style=”margin: 0px;padding: 0px;”][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/1″ style=”padding: 0px;”][x_gap size=”01px”][cs_text class=”cs-ta-center”]

Security Assessment Services | Detailed Features

[/cs_text][x_line style=”border-top-color: hsl(240, 1%, 35%);border-top-width: 3.5px;”][/cs_column][/cs_row][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/4″ style=”padding: 0px;”][x_feature_box title=”Penetration Testing” title_color=”hsl(240, 1%, 35%)” text_color=”” graphic=”icon” graphic_size=”110px” graphic_shape=”circle” graphic_color=”hsl(205, 86%, 40%)” graphic_bg_color=”hsla(0, 0%, 0%, 0)” align_h=”center” align_v=”top” side_graphic_spacing=”20px” max_width=”300PX” graphic_border=”border-width: 4px 4px 4px 4px; border-style: solid; border-color: ;” graphic_icon=”user-secret” class=”MVN”]We help organizations increase their defenses against cyberattacks through ethical security exploitation. [/x_feature_box][x_accordion][x_accordion_item title=”Web Application” open=”false”]

Today, the majority of software applications are delivered via web applications. We help organizations increase their web application defenses against cyberattacks through ethical security exploitation.

-A web application penetration test focuses on assessing the security of web applications. This includes analyzing the web application for known vulnerabilities according to the OWASP 10 and SANS Top 25, before attempting to exploit the identified vulnerabilities to assess the risk posed.
-The methodologies used for testing include Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM) and Penetration Testing Execution Standard (PTES).

[/x_accordion_item][x_accordion_item title=”Mobile Application” open=”false”]

A mobile application penetration test is similar to a web application penetration test. Mobile application vulnerabilities include sensitive data leakage, insecure communication and insecure storage of data on the mobile devices itself.

-The methodologies used for testing include Open Web Application Security Project (OWASP), OWASP Mobile Security Testing Guide (MSTG Pre-release), Open Source Security Testing Methodology Manual (OSSTMM) and Penetration Testing Execution Standard (PTES).

[/x_accordion_item][x_accordion_item title=”Internal Network” open=”false”]

When performing an internal network penetration test, we attempt to escalate privileges and gain access to all systems and devices as agreed to prior to testing.

-An internal network penetration test helps to assesses the current state of internal IT systems and network connected devices.
-The methodologies used for testing include Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM) and Penetration Testing Execution Standard (PTES).

[/x_accordion_item][x_accordion_item title=”External Network” open=”false”]

An external network penetration test assesses the security of your internet-facing infrastructure. Every organization has devices that are exposed to the internet.

-During an external network Penetration Test, we discover and attempt to exploit vulnerabilities that could affect your systems that are exposed to the internet.
-The methodologies used for testing include Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM) and Penetration Testing Execution Standard (PTES).

[/x_accordion_item][/x_accordion][/cs_column][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/4″ style=”padding: 0px;”][x_feature_box title=”Web Application Assessment” title_color=”hsl(240, 1%, 35%)” text_color=”” graphic=”icon” graphic_size=”110px” graphic_shape=”circle” graphic_color=”hsl(205, 86%, 40%)” graphic_bg_color=”hsla(0, 0%, 0%, 0)” align_h=”center” align_v=”top” side_graphic_spacing=”20px” max_width=”300PX” graphic_border=”border-width: 4px 4px 4px 4px; border-style: solid; border-color: ;” graphic_icon=”lock” class=”MVN”]Regularly discover, catalog and scan web apps for vulnerabilities and website misconfigurations.[/x_feature_box][x_accordion][x_accordion_item title=”Discover” open=”false”]

As the number of web applications in your organization increases, keeping them organized is critical to proper security hygiene. We perform a thorough discovery and classify assets using dynamic tagging to organize host assets by role to the business.

-Visually map every web application on the network.
-Details each device by OS, ports, services and certificates.
-Helps to continuously monitor your client-facing web applications keeping you in control of security.
-Application discovery and cataloging – We find new and unknown web applications across your network.

[/x_accordion_item][x_accordion_item title=”Assess” open=”false”]

We efficiently scan for web application vulnerabilities
everywhere. Monitor your perimeter for unexpected changes.

-Web application Vulnerability scanning. Detect OWASP Top 10 risks such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF) and URL redirection. Then we prioritize them and focus on the issues that will have the most impact.
-Includes web applications on the perimeter and internal networks, and elastic cloud networks (Amazon, Azure, Google).
-Incorporated penetration testing data keeps web application testing data in one place for integrated analysis.
-Results provide accurate, prioritized actionable results.
-Provides continuous insight into your organization’s ongoing attack-surface and associated risk/liability.
-Website Malware Monitoring. Includes continuous Malware detection that finds hidden malware before it attacks users visiting your websites/web applications. Protect your organization’s reputation and your users security by rooting out malicious code and content that’s been hidden in your website or applications. Advanced behavioral analysis helps identify even zero-day malware that eludes anti-virus and anti-spyware packages.

[/x_accordion_item][x_accordion_item title=”Prioritize” open=”false”]

Running regularly scheduled web application scans helps to identify the highest risks to the business using trend analysis, zero-day and patch impact predictions.

-Our experience and knowledge helps put critical issues into context.
-We help you spot trends, see what’s changed since the last scan and accurately predict which hosts are at risk…even for zero-day attacks.

[/x_accordion_item][x_accordion_item title=”Remediate” open=”false”]

We monitor the life-cycle of your web application vulnerabilities and help manage the
remediation process.

-Our service helps keep your team focused on core-competency & revenue generating activities.
-We assign remediation tickets and manage exceptions.
-Provide lists of patches by priority for each host and we help manage exception process.

[/x_accordion_item][x_accordion_item title=”Inform” open=”false”]

We provide comprehensive
role-based progress reports that document progress for IT, business executives and auditors.

-Our service provides context & insight, not just a data dump.
-Continuous monitoring and insight into on-going progress with your organization’s risk management program.

[/x_accordion_item][/x_accordion][/cs_column][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/4″ style=”padding: 0px;”][x_feature_box title=”Vulnerability Assessment” title_color=”hsl(240, 1%, 35%)” text_color=”” graphic=”icon” graphic_size=”110px” graphic_shape=”circle” graphic_color=”hsl(205, 86%, 40%)” graphic_bg_color=”hsla(0, 0%, 0%, 0)” align_h=”center” align_v=”top” side_graphic_spacing=”20px” max_width=”300PX” graphic_border=”border-width: 4px 4px 4px 4px; border-style: solid; border-color: ;” graphic_icon=”search-plus” class=”MVN”]Includes enterprise-wide vulnerability scanning where we scan for vulnerabilities everywhere (perimeter, internal networks, Amazon EC2, Azure, Google).[/x_feature_box][x_accordion][x_accordion_item title=”Discover” open=”false”]

We help manage & reduce risk by finding the official and “unofficial” devices that may be hiding in your environment. We provide quick and accurate visibility into vulnerabilities across your organization. As the number of devices in your organization continues to rise, keeping them organized is crucial to proper security hygiene.

-Visually map every device and application on the network.
-Identify which OS, ports, services and certificates are on each device.
-Details each device by OS, ports, services and certificates.
-Device discovery and cataloging – we find new and unknown devices across your network.
-Continuously monitor your perimeter for unexpected changes.
-Assign a business impact to each asset.
-Dynamically tag assets to automatically categorize hosts.

[/x_accordion_item][x_accordion_item title=”Assess” open=”false”]

We scan for vulnerabilities everywhere, accurately and efficiently. We automatically update vulnerability statuses to provide you with key information about what issues are new, ongoing and fixed. And with Progressive Scanning, we provide even better coverage over multiple scans, enabling continuous testing of your web applications.

-Includes devices and applications on perimeter and internal
networks, and elastic cloud networks (Amazon, Azure, and Google).
-Includes scalable, high-accuracy progressive
scanning that saves time and keeps focus
on what matters most.
-Authenticated scanning available to automatically log in to test like a real user.
-Scanning tools support Selenium to enable
complex authentication or workflow sequences for better scan coverage.
-Access to scheduled and on demand scanning services.

[/x_accordion_item][x_accordion_item title=”Prioritize” open=”false”]

Identify the highest business risks & manage those risks using trend analysis, Zero-Day and patch impact predictions. We scan and analyze OS and application configurations on each target host.

-Track vulnerabilities as they appear, are fixed, or reappear.
-Put critical issues into context with our expert advisory services.
-Monitor certificates deployed throughout your network.
-Spot trends, see what’s changed.
-Predict which hosts are at risk for Zero-Day Attacks.
-See which hosts need updates after Patch Tuesday.

[/x_accordion_item][x_accordion_item title=”Remediate” open=”false”]

We monitor the life-cycle of vulnerabilities and validate the remediation process.

-Monitor vulnerabilities over time, assign tickets, and manage exceptions.
We keep track of everything so your team can stay focused on revenue generating activities.
-Provide lists of patches by priority for each host and manage exceptions.
-Keep track of vulnerabilities and actions taken.
-Create per-host patch lists.-

[/x_accordion_item][x_accordion_item title=”Inform” open=”false”]

We provide comprehensive
reports that document progress for IT, business executives, customers and auditors.

-Service provides context & insight, not just a data dump.
-Continuous monitoring and insight into ongoing progress with your organizaion’s vulnerability management goals.

[/x_accordion_item][/x_accordion][cs_element_gap _id=”58″][/cs_column][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/4″ style=”padding: 0px;”][x_feature_box title=”Social Engineering” title_color=”hsl(240, 1%, 35%)” text_color=”” graphic=”icon” graphic_size=”110px” graphic_shape=”circle” graphic_color=”hsl(205, 86%, 40%)” graphic_bg_color=”hsla(0, 0%, 0%, 0)” align_h=”center” align_v=”top” side_graphic_spacing=”20px” max_width=”300PX” graphic_border=”border-width: 4px 4px 4px 4px; border-style: solid; border-color: ;” graphic_icon=”fort-awesome” class=”MVN”]Social engineering tactics are often used to breach an organization by making use of employee biases and errors in judgement. We simulate this type of attack to help organizations better defend against it.[/x_feature_box][x_accordion][x_accordion_item title=”Phishing Simulations” open=”false”]

Phishing Simulations to help employees practice what they learn during employee security awareness.

-Performing ongoing phishing simulations helps to keep employees practiced & reinforces good security habits.

[/x_accordion_item][x_accordion_item title=”Pretexting Impersonation” open=”false”]

Pretexting is the practice of presenting oneself as someone else in order to obtain private information. Pretexting impersonation exercises are used to gather key information.

-Pretexting attacks are commonly used to gain access to both sensitive and non-sensitive information.

[/x_accordion_item][x_accordion_item title=”Tailgating Excercises” open=”false”]

Tailgating, also known as piggybacking, is when a someone bypasses the physical security controls of a building based on someone else’s authentication.

-We attempt to bypass physical security at client sites in order to roam unescorted, looking for open offices and/or unsecured workstations.
-The real-world costs of tailgating include theft of IT equipment, theft of sensitive data, loss of intellectual property and physical attacks to network equipment.

[/x_accordion_item][x_accordion_item title=”Baiting Exercises” open=”false”]

Baiting helps to identify those at risk of enticement.

-Engagement examples include leaving USB flash drives and other forms of mobile storage media in an open area in order to identify those employees that attempt to use the found storage device to aid in educating employees in the risk posed.

[/x_accordion_item][/x_accordion][/cs_column][/cs_row][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/4″ style=”padding: 0px;”] [/cs_column][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/4″ style=”padding: 0px;”] [/cs_column][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/4″ style=”padding: 0px;”] [/cs_column][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/4″ style=”padding: 0px;”] [/cs_column][/cs_row][/cs_section][cs_section bg_color=”rgb(255, 255, 255)” parallax=”false” separator_top_type=”none” separator_top_height=”50px” separator_top_angle_point=”50″ separator_bottom_type=”none” separator_bottom_height=”50px” separator_bottom_angle_point=”50″ style=”margin: 0px;padding: 0px 0px 50px;”][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/1″ style=”padding: 0px;”][x_line style=”border-top-color: hsl(240, 1%, 35%);border-top-width: 3.5px;”][/cs_column][/cs_row][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/1″ style=”padding: 0px;”][x_gap size=”50px”][/cs_column][/cs_row][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”true” fade_animation=”in-from-left” fade_animation_offset=”45px” fade_duration=”750″ type=”1/3″ style=”padding: 0px;”][x_image type=”none” src=”https://securepoint360.com/wp-content/uploads/2017/06/IT-CIA-1.png” alt=”” link=”false” href=”#” title=”” target=”” info=”none” info_place=”top” info_trigger=”hover” info_content=””][cs_text]

Confidentiality: Ensures data is accessed by only authorized persons.
Integrity: Assures data can be trusted, that is, it is only edited by authorized persons and always remains in its original state when at rest.
Availability: Data is always available when required.

[/cs_text][/cs_column][cs_column fade=”true” fade_animation=”in-from-right” fade_animation_offset=”45px” fade_duration=”750″ type=”2/3″ style=”padding: 0px;”][x_custom_headline level=”h2″ looks_like=”h2″ accent=”false” class=”cs-ta-center man”]Prioritize Security Obligations[/x_custom_headline][x_blockquote cite=”All of your clients” type=”center”]Which is most important? Confidentiality, Integrity, or Availability?

“ALL OF THE ABOVE”[/x_blockquote][cs_text]

Don’t choose between your Client, Business, or Regulatory obligations! Improve your security program today with our Security Assessment Services!

[/cs_text][/cs_column][/cs_row][/cs_section][cs_section parallax=”false” separator_top_type=”angle-in” separator_top_height=”50px” separator_top_angle_point=”50″ separator_bottom_type=”none” separator_bottom_height=”50px” separator_bottom_angle_point=”50″ class=”cs-hide-xl cs-hide-lg cs-hide-md cs-hide-sm cs-hide-xs” style=”margin: 0px;padding: 45px 0px;”][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/1″ style=”padding: 0px;”][x_image type=”none” src=”https://securepoint360.com/wp-content/uploads/2017/06/value-01.png” alt=”” link=”false” href=”#” title=”” target=”” info=”none” info_place=”top” info_trigger=”hover” info_content=””][/cs_column][/cs_row][/cs_section][cs_section parallax=”false” separator_top_type=”none” separator_top_height=”50px” separator_top_angle_point=”50″ separator_bottom_type=”none” separator_bottom_height=”50px” separator_bottom_angle_point=”50″ style=”margin: 0px;padding: 0px;”][cs_row inner_container=”false” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/1″ style=”padding: 0px;”][x_creative_cta padding=”25px 25px 25px 25px” text=”Start your free consultation today!” font_size=”45px” icon=”arrow-right” icon_size=”75px” animation=”slide-right” link=”https://securepoint360.com/get-in-touch/” color=”” bg_color=”hsl(205, 86%, 40%)” bg_color_hover=”hsl(240, 1%, 35%)”][/cs_column][/cs_row][/cs_section][/cs_content]