Vulnerability Assessment

Vulnerability assessment involves proactive scanning of Internet-connected host(s) to ensure that it is not vulnerable to any known methods of attack. Fixing the vulnerabilities discovered during scanning enhances the existing security posture and helps prevent unwanted intrusions both on network perimeter and internally. It helps organizations implement the tools, methodologies and best practices required to address today's dynamic vulnerability landscape and compliance with internal policies and external regulations.

BrickLogix's security assessment services include -

Security Assessments Services

Penetration Testing
External Vulnerability Assessment
Internal Vulnerability Assessmentt
Web Application Security Assessment
Emergency Response Services
Information Security Assessment (ISA)

Regulatory Compliance Assessment Services

FISMA Compliance
Payment Card Industry (PCI) Assessment
SCADA security assessment
Wireless security assessment

Additional Security Services :

Security Policy development
Regulatory compliance strategy
Network architecture design services
Technology implementation planning

The following lists various reliable sources for security vulnerabilities information -

OWASP Top Ten - The OWASP Top Ten provides ten most critical Web application security flaws.

CWE/SANS Top 25 - Consensus list of the 25 most dangerous programming errors.

WASC Web Security Threat Classification - List of Web security threats.

National Vulnerability Database NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP).

National Cyber Alert System offers a variety of security information and bulletins for users with varied technical expertise. A subscription of products ensures that you have access to timely information about security topics and threats.

Sans Top 20 SANS/FBI consensus list of the Twenty Most Critical Internet Security Vulnerabilities that uses CVE-IDs to identify the issues.

CVE Common Vulnerabilities and Exposures List, CVE® is a dictionary of publicly known information security vulnerabilities and exposures. CVE is International in scope and free for public use.

Managed Security Services