tcl security testing services v0 03 kvs 180511
DESCRIPTION
Security testing servicesTRANSCRIPT
TCL Security Testing
TCL Security Testing Services v0 03 KVS 180511
Enterprise applications are the enterprise’s new security perimeter. focuses on detecting application vulnerabilities in order to ensure that only authorized users are able to access the application and that authorized users are able to access and update only the information to which they have been granted Applications require varying levels of security testing depending on the purpose of the application, the application customer base and the data contained within the application database. To address client security risk levels associated with customers have the ability to pick and choose from any of the following service offerings and customise.
Security Review and Assessment Security Application Testing Security Vulnerability Testing
Review and Assessment Overview
Perimeter Review – Firewalls, Routers, RAS servers, Virtual Private Networks, Wireless LANS
Server Review – OS hardening, S/W patch currency, active services review, account review
– All IPS visible to internet Content Management Review – Web traffic
– Antivirus / Malware Prevention and Remediation. Technical Policy Review – Passwords, Directories, Groups, Accounts
– Access Control Authentication Review – Effectiveness of current authentication
– PKI, tokens, smartcards Intrusion Detection System Review – ID Sensors, Analysis Stations, Burglar Alarms, HIDS and NIDS
– Log analysis and intrusion attempt reporting Encryption Review. – Packet encryption, file / data encryption, hard drive encryption
Application Testing
TCL’s Security Testing also verifies that been met. Uses our requirements based testing methodology
– Develop Test Strategy, Plan and Cases/Scenarios Application security controls like
– Data Confidentiality, Non Repudiation – Communication Security and Data Integrity security – Web Application Security
Security Testing Services
Page 1 of 3 Commercial in Confidence
Enterprise applications are the enterprise’s new security perimeter. TCL’s Security Testing focuses on detecting application vulnerabilities in order to ensure that only authorized users are able to access the application and that authorized users are able to access and update only the information to which they have been granted permission. Applications require varying levels of security testing depending on the purpose of the application, the application customer base and the data contained within the application
To address client security risk levels associated with unique applications, customers have the ability to pick and choose from any of the following service offerings and
Security Review and Assessment Security Application Testing Security Vulnerability Testing
Review and Assessment Overview
Firewalls, Routers, RAS servers, Virtual Private Networks, Wireless LANS
OS hardening, S/W patch currency, active services review, account review
Content Management Review
Antivirus / Malware Prevention and Remediation.
Passwords, Directories, Groups, Accounts
Effectiveness of current authentication
n System Review ID Sensors, Analysis Stations, Burglar Alarms, HIDS and NIDS
Log analysis and intrusion attempt reporting
Packet encryption, file / data encryption, hard drive encryption
Security Testing also verifies that the following application security requirements have
ments based testing methodology Develop Test Strategy, Plan and Cases/Scenarios
Application security controls like Data Confidentiality, Non Repudiation Communication Security and Data Integrity security Web Application Security
Commercial in Confidence© 2011
Security Testing focuses on detecting application vulnerabilities in order to ensure that only authorized users are able to access the application and that authorized users are able to access and update
Applications require varying levels of security testing depending on the purpose of the application, the application customer base and the data contained within the application
unique applications, our customers have the ability to pick and choose from any of the following service offerings and
Firewalls, Routers, RAS servers, Virtual Private Networks, Wireless LANS
OS hardening, S/W patch currency, active services review, account review
application security requirements have
TCL Security Testing
TCL Security Testing Services v0 03 KVS 180511
Design/Requirement Impact – tokenisation architecture, common PCI requirements
Coding standards – shared variables across threads
Early penetration testing – automated & manual
Security standards control – governance of architecture & testing
Vulnerability testing – inappropriate file permissions
Security compliance reporting – PCI, DPA – Sarbanes-Oxley – Basel II – Food and Drug Administration – NERC-CIP – Health Insurance Portability and Accountability Act (HIPAA)– Federal Information Security Management Act (FISMA)– Gramm-Leach-Bliley Act (GLBA)– Payment Card Industry Data Security Standard (PCI DSS)– ISO 27001 / 27002
Vulnerability Testing
Identify network security gaps Review results of gap analysis report and make recommendations Implement recommendations.
Benefits
Authentication of a secure environment Understanding of the current adherence to your Security Policy
Security Testing Services
Page 2 of 3 Commercial in Confidence
tokenisation architecture, common PCI requirements
shared variables across threads
automated & manual
governance of architecture & testing
inappropriate file permissions Security compliance reporting
Food and Drug Administration (FDA)
Health Insurance Portability and Accountability Act (HIPAA) Federal Information Security Management Act (FISMA)
Bliley Act (GLBA) Payment Card Industry Data Security Standard (PCI DSS) ISO 27001 / 27002
entify network security gaps Review results of gap analysis report and make recommendations Implement recommendations.
Authentication of a secure environment Understanding of the current adherence to your Security Policy
Commercial in Confidence© 2011
TCL Security Testing
TCL Security Testing Services v0 03 KVS 180511
Awareness of potential inadequacies in security Improvement of security through design and implementation of secure network solutions
Protection from damages and financial losses from unwelcome network access
Key Deliverables
TCL security testing services delivers the following outputs:
• Identification of application security vulnerabilities
• Application security vulnerability reports
• Remediation analysis
• Recommendations to assist with the remediation of the vulnerabilities
Contact
K. V. Shashi Kiran [email protected] +91 98450 08696
Security Testing Services
Page 3 of 3 Commercial in Confidence
Awareness of potential inadequacies in security Improvement of security through design and implementation of secure network
Protection from damages and financial losses from unwelcome network access
services delivers the following outputs:
Identification of application security vulnerabilities
Application security vulnerability reports
Remediation analysis
Recommendations to assist with the remediation of the vulnerabilities
End of Document
Commercial in Confidence© 2011
Improvement of security through design and implementation of secure network
Protection from damages and financial losses from unwelcome network access
Recommendations to assist with the remediation of the vulnerabilities