Security System Testing Services

Home/Practice Areas/Information Security Management/Security System Testing Services
Security System Testing Services 2014-09-09T16:49:13+00:00

Security Systems Testing Services may be provided by netlogx at any stage of development or production. This is especially useful in providing an independent view during system proving. The testing services can be either “Black Box” which assumes limited prior knowledge or “White Box” where there is full application knowledge. For maximum effect a combination of both approaches is often used.

The scope of the testing services would include some or all of the following elements:

  • Identify any non-essential functions that are exposed to users or other applications
  • Monitor network traffic for transmission of information that could be used by an attacker
  • Test for a range of typical vulnerabilities
  • Test resilience to inappropriate data
  • Review systems software for known security flaws
  • Review the infrastructure implementation for secure operation
  • Ensure that applications are not prone to “fail open”
  • Assess the protection of sensitive information and administrative functions

Benefits

Security System Testing Services provide organizations with:

  • Independent, expert assurance that applications and processes are able to resist a range of attacks
  • Comprehensive testing of tailored applications by drawing on extensive security knowledge to devise potential threat scenarios
  • Objective, independent and current knowledge of the security profiles of a wide range of commercial off-the-shelf (COTS) software and COTS-based applications
  • Security expertise to advise on best practice security implementation and remedial work, best practice measures and corrective action required to improve security deployment and integrity
  • Confidence that system will be able to withstand concerted attacks

netlogx will also provide recommendations and guidance for the development of hardened configurations that enable required functionality but do not have any unnecessary features or capabilities. This will greatly improve integrity and resistance to attack.