Under our Cybersecurity Leadership program, onShore Security performs a number of tests and assessments critical to understanding security posture and to validate systems and process.
Does your organization have a thorough understanding of your current cyber security effectiveness, with vulnerabilities and blind spots identified – as performed by a cyber security professional? Security Maturity Assessment provides a comprehensive review of your security operation and planning, that produces a complete score that can be shared with your organization's leadership.
The Common Vulnerabilities and Exposures (CVE) system is a reference, maintained by the National Cybersecurity FFRDC, for known IT vulnerabilities and exposures in publicly available software. CVE scans detect these potential vectors for attack and notify software developers and network architects to make changes to remove these common causes for concern.
An Active Directory (AD) and Group Policy Object (GPO) assessment is a study of the structure of a domain controller and the policies that it applies. onShore Security analysts use AD/GPO tools, as well as manual review, to find potential issues and weaknesses. Findings, as well as recommendations for remediation, are presented to the client.
The PCI Assessment is a review for compliance with the Payment Card Industry Data Security Standard. onShore Security analysts investigate your business' ability to build a secure network, protect cardholder data, maintain a vulnerability management program, implement strong access control measures, monitor and test networks, and enforce an information security policy.
The Health Insurance Portability & Accountability Act (HIPAA) is the standard for responsible retention of sensitive patient data. Any entity that keeps protected health information is obligated to maintain adequate security measures in order to be in compliance. The HIPAA Security Rule specifically sets the security standards for protecting patient data. With these standards in mind, our team will review your network policy and infrastructure to ensure yourcompliance with HIPAA policy and protect your business from the enforcement penalties laid out in the HITECH Act.
Penetration testing for web and mobile applications requires expertise and attention beyond the capabilities of automated testing software. Our team scans your application first, and then manually tests to find vulnerabilities that automated tests miss, referring to the OWASP Top 10 to make sure your application is secure.