Assessing your technical, physical and administrative security controls
is part of maintaining a proactive security posture. Integsys
performs assessments including system audits, code reviews, network
scans, and penetration testing.
Our security professionals conduct on-site internal and external
vulnerability scans of your network and systems and work with your IT
staff to chart out a course to a more secure future. We have built our
services around industry-proven scanning software maned by certified
security professionals. Our security professionals work with you to
produce a report that complies with industry standards while addressing
your unique security needs.
System Security Testing
System configuration and management weaknesses are historically the
primary cause of security breaches. System hardening and management
procedures can reduce the risk to an organization. Integsys
has extensive experience in system security testing in any network
environment. Our testing procedures will identify weaknesses in any
system including mainframe OS/390, AS400, Unix/Linux/BSD/Solaris,
Windows, databases, VoIP/telecomm, printers, Network Attached Storage
(NAS), and network appliances.
Wireless Security Assessment
Wireless networking technology is one the greatest security challenges
facing your IT department even if you don't officially permit it.
Wireless and cellular wireless technologies are readily available and
easy to set up, it represents a potential security hole you must
address. Integsys' FCC licensed personal can scan the
air waves for hidden security risks.
Integsys can help you with the “people” aspect of
IT security. Regardless of the policies you implement and the physical
barriers you erect, the strength of your security comes down to the
training, awareness, and vigilance of your people. Security policies
and security awareness training are fundamental parts of an effective
security program and mandated by Sarbanes Oxley Section 404. Integrated
Systems can customize testing programs to your needs; many of our
security professionals have formal university teaching experience.
Application Code Review
Application code vulnerabilities and design flaws are the battleground
of information security. Integsys can help your development
teams make certain that applications are secure. This includes ensuring
that they are designed based on analysis of risks, threats, and
exposures, and tested to meet security requirements. Integsys
audits your application source code to identify vulnerabilities and can
help your organization implement security conscious coding
methodologies. An Integsys code review provides detailed
documentation that includes guidance for resolution of code
vulnerabilities. Software development requires that independent code
review be incorporated into your security development life-cycle.
Application Penetration Testing
Applications are the most critical interface to your sensitive
information assets. Your security risk is critically linked to the
security of your applications. Network and application vulnerability
assessment and scanning can provide a base level of security to your
applications. Threat agents and attack vectors incorporate layers of
attacks that leverage innocuous information to expose operational
vulnerabilities in an application.
Network Penetration Testing
Network Penetration Testing or "pen testing" provides valuable
information about the risk profile of your network. Automated scanning
generally stops at identifying the vulnerability signature and often
does not validate the path a real exploit may attempt. Network
penetration testing allows you a complete picture of the risk exposure
that a vulnerability could produce. Annual or quarterly network
penetration testing can complement regular vulnerability scanning and
provides a real world validation of configuration and vulnerability
management. In short pen testing simulates a real hacker.
Copyright © 2010, Integrated Systems, Inc.