Utilizing leading security risk assessment methodologies to identify business and technology risks, and can include quantitative risk analysis.
Interviews and testing designed to locate and prioritize vulnerabilities in the client’s environment utilizing guidelines such as NIST, ISO 17799, and other frameworks.
Platforms, wireless, voice, network, email, applications, using Cervais’s Information Security Framework. These components can be executed individually or as part of a larger vulnerability assessment.
Designed to assess security across the enterprise, encompassing many aspects of vulnerability assessments but on a wider scale.
NIST, Sarbanes Oxley, PCI, JIPPA, GLBA, and Industry Guidelines.
Your reputation is one of your most valuable assets. Every day, hackers, phishers and other malicious attackers are trying to compromise your data. Even if the initial financial cost of stolen customer data is small, it’s the negative press and the ensuing reputation loss that can create incalculable losses to customer relations. In an effort to protect customers, the government has instituted regulations including Sarbanes-Oxley, SEC Rule 17a-4, NASD – 3010, and the Gramm-Leach-Bliley Act that require compliance. Cervais understands the new and evolving issues for finance and insurance companies. That’s why we’ve packaged a complete solution known as the Cervais Security and Compliance Solution.
The Cervais Security and Compliance Solution helps maintain your organization’s security by uniting essential ingredients of perimeter protection and message archiving for business continuity and compliance purposes. Do away with piecemeal approaches that are expensive and complicated to maintain. With Cervais, there’s only one vendor to call for the design, implementation, configuration, testing and ongoing support.
Other services include:
Penetration Testing (or pentests for short) is a real-life test of trying to utilize known (and sometimes unknown) exploits, social engineering and other techniques and attacks to gain access to resources and data inside an organization that should be protected from unauthorized access. These tests are used to determine what systems are vulnerable to attack before an actual attack happens, so that an organization can close those gaps or mitigate the risk associated with known and unknown vulnerabilities
Penetration Testing is an involved process that organizations need to discuss with professionals to understand the ramifications of such tests. The level of which the test should be done, the rules of engagement behind the test and the duration if the test are base items that need to be understood and agreed to before any testing actually starts. Penetration tests are not just to see if someone can “hack” your organization. A professional penetration test is about identifying, and mitigating business risk associated with a cyber-attack.
Cervais provides both penetration testing services and penetration test consulting services, assisting our clients with understanding not only the value behind a test, but the intricate details behind the testing, including, but not limited to: