SCS Services
Home
SCS Products
SCS Services
Premier Suppliers
GuardTower Partners
Investors
Newsletter
Contact Us
Product Support

NEWSLETTER
FREE
SCS Newsletter where Secure Commerce Systems keeps you up to date with Security news and offers discounts and special offers to our subscribers.


DEMO
Contact SCS today to set up a GuardTower Demo. See how SCS can protect your business.
Read more »
 Penetration and Vulnerability Application Testing Services

Internet use, electronic commerce and the availability of hacker software have mandated the review of network and host based vulnerabilities. As a strong countermeasure, Secure Commerce Systems has developed our LifeCycle security penetration methodology that is extremely effective for testing the security surrounding information systems. This service is based on attempting to penetrate existing security in a manner that provides a “real life” test of data security controls. Data security weaknesses are identified and management’s attention is focused on the need for improvement. An executive summary is provided along with the raw data collected from our assessment tools to be provided to the IT staff who will resolve the identified risks.

Advantages
  • Identify potential threats and vulnerabilities associated with the external network perimeter and the internal network infrastructure.
  • Identify system configuration policy vulnerabilities.
  • Identify denial of service vulnerabilities.
  • Identify application and transaction vulnerabilities.
  • Develop “quick hits” security corrections and improvement opportunities.
  • Develop best-practice recommendations for correcting and implementing countermeasures.
Methodology
  • Project Initiation: develops engagement objectives and communicates the team’s understanding of the rules of engagement.
  • Phase I, Discovery: discovers the factors of the fundamental risk proposition (risk, value, threats, and vulnerabilities), and uses broad research and reconnaissance techniques to identify potential targets.
  • Phase II, Exploration: uses non-intrusive techniques to identify vulnerabilities within the perimeter of the organization.
  • Phase III, Intrusion: tests security controls by exploiting vulnerabilities.
  • Phase IV, Restoration: restores changes in the client’s systems to their original state.
  • Project Reporting: summarizes and presents analysis and conclusions.
Using traditional “ethical hacker” techniques, we identify targets and launch controlled exploits against existing security controls. Common targets include Internet perimeter, remote dial-up, internal network infrastructure, sensitive resources, enterprise applications, and decision support databases.

The key to implementing effective security is a comprehensive understanding of what is being protected. The penetration test assessment will provide a knowledge base of assets, their value to meeting corporate goals and their vulnerability to attack & loss. This analysis will lead our experts to design an effective blueprint that will protect the integrity & availability of information, minimize legal liability and implement survivability techniques to ensure our client’s are among the fittest for survival.

FREE OFFER!!!
Secure Commerce Systems annouces launch of Security Awareness Training and Quiz. Try it FREE!
Read more »


SPECIAL OFFER!!!
Secure Commerce Systems and Symantec offer deal on Deepsight alerting services.
Read more »


GREAT SUPPORT
Secure Commerce Systems offers excellent customer services and unveils a trouble ticket system for online incident notification.
Read more »