CHECK ITHC (IT Health Check) services offered by BSI Info-Assure.

 

Infrastructure

Internal or external infrastructure testing of servers, virtual environments, network device, network segregation and VLAN hopping. Penetration testing and vulnerability scanning options available.

Application Testing

Web application (thin client) or binary application (thick client) penetration testing services of commercial off-the-shelf (COTS) or in-house developed applications.

Server Build Review

Authenticated server build reviews of all operating systems; such as Windows, Linux and Solaris. Detail configuration reviews to align with CIS and NCSC recommendations.

Mobile Devices

Mobile device configuration lock down assessments of Apple iPhones, Android and BlackBerry devices, mobile application testing and Mobile Device Management (MDM) environment reviews.

Network Device Reviews

Device configuration and rule set reviews of all networking switches and firewalls. Assessment of the software versions and device hardening of all major Cisco, HP, Juniper, Brocade, SonicWall and more.

Wireless Networks

Wireless network testing and configuration reviews of Wireless Access Points, WLAN controllers and client devices. Site surveys and rogue access point sweeps.

SCADA Security

Supervisory Control and Data Acquisition (SCADA) systems are commonly deployed within power production, manufacturing, water treatment, oil and gas companies. They are systems that monitor and control industrial processes. Info-Assure offer detailed reviews of SCADA policy and procedures, architecture, physical security and infrastructure .

Source Code Review

Source code review is systematic examination of the application source code. It is intended to find and fix mistakes overlooked in the initial development phase, improving both the overall quality of software and the developer's skills

Training/Workshops

Bespoke training courses or workshops created to exactly meet your requirements, delivered by our security testing team at your premises.

Workstation/Laptop Build Review

Authenticated end user device reviews of all operating systems such as Windows, Linux and Solaris. Detailed configuration reviews and align with CIS and NCSC recommendations.

Virtualization Testing

Build reviews and infrastructure testing of virtual environments or private clouds, whether commercial or restricted networks. Major products, such as VMware, Hyper-V, and service providers, such as Skyscape or Amazon EC2.

Stolen Laptop Review

With many laptops or mobile devices being lost or stolen, this service offers a detailed look at devices to ascertain what information can be obtained if a device falls into the wrong hands. The review will assess if the laptop can be compromised via boot methods, encryption bypassing, and any information that can be used to further attack the company.

Gold Build Image Review

A detailed malware and forensic review of any master gold images that are used to deploy servers within the environment. This will ensure that the master image has not been infected or tampered with before it is pushed out and used.

Database Review

A detailed review of database servers focusing on permissions, versions and configurations. Available on all major versions such as Microsoft SQL, MySQL, PostgreSQL, Oracle and MongoDB.

Attack Simulation

If you want to simulate a real life attack against your company or services in a controlled manner, Info-Assure can assist. This can test out the overall security of the organisation or service, and test your internal procedures and processes for real life security events.

Environment Breakout

Testing of remote services, such as Citrix, remote desktop, user desktop or kiosk environments, to ensure the end user cannot break out of the controlled desktop into other programs or areas of the network.