Risk assessments and security testing are an important part of any information security program
Jacadis offers an array of assessments and tests that range from the strategic to the highly technical. These include:
Security Program Review – a formal measure of the maturity of your security program. Is it reactive? Improving? Mature and aligned with company goals? A Security Program Review helps you improve the security operation in your organization.
Risk Assessment – A risk assessment identifies potential security issues and analyzes what could happen if something actually happens. It prioritizes issues based on the likliehood they might happen and the impact they would have to your organization if they do happen. A risk assessment helps you prioritize your security program investments.
Controls Assessment – A comparison of an organization or system against a defined control set. Such as NIST, SANS CAG, OWASP and so on.
Compliance Assessment – A comparison of an organization or system against the requirements defined by a regulatory authority such as HIPAA, PCI, and GLBA
Security Architecture Review – A security architecture review looks at high level look at your IT architecture focusing the major elements of your systems and how those elements broadly interconnect.
Vulnerability Assessment – a review of an organizations controls to determine areas of potential risk and identify areas with weak or non-existent controls in place
Application Assessment – a review focused on a particular application target typically a web application or mobile application.
Incident Management – The overall process of response when an incident has been discovered or reported
Incident Response Test – The specific actions taken as specified in the organizations incident response plan to react to an active incident and protect the organization
Penetration Test – a test of an organization, network, system or application which uses technical tools in an attempt to gain access to an organizations network and data