Security Assessments

Internal Assessments

Performed from inside the network to determine how much information an employee or contractor can acquire without detection.

Wireless Assessments

Assesses the security of an authorized wireless network while identifying rogue access points, mapping an area's wireless activity and highlighting signal leakage.

Infrastructure Assessments

  • Policy and Controls Review

  • Network Architecture Review

  • Firewall Review

Web Application Assessments

Uses an in-depth probing to fully test access controls in order to find configuration deficiencies and security vulnerabilities. Common web application exploits often include SQL injections, cross-site scripting, request forgeries, directory transversals, buffer overflow checks and 'remote file includes' in PHP. 

Social Engineering Assessment

Validates the strength of your policies, the comprehension and compliance of staff, and the viability of technical controls.  We report areas of concern, identifies failures in best practice, documents compliance issues, and provides recommendations for improvement. SMP can help re-mediate weaknesses and assist in the development and implementation of security awareness training programs.

Mobile Application Security Assessment

Includes evaluation of overall mobile infrastructure; penetration tests on mobile clients and the servers that control them; assessment of the security of all mobile devices (iPhone, Android, tablets, etc.) and apps to determine their susceptibility to data breaches; and evaluation of the gap between current policies and procedures and known best practices.

External Vulnerability & Penetration Testing

Scans all located and responding Hosts from the Network and Host Discovery phase to identify all known security vulnerabilities. The External Penetration Testing analysis consists of actual testing of the vulnerabilities found during scanning to assess how far an intruder can penetrate the network. Mission critical applications operating through an organization’s firewall should be tested if vulnerabilities exist and patching or architectural changes do not significantly reduce exposure.