Threats and Vulnerabilities
Assessing the effectiveness of both internal and external security controls is an essential part of protecting an organization from vulnerabilities and threats. Understanding the changing threats and prioritizing vulnerabilities is not a simple task that can be left to automated tools. Assessments can also highlight weaknesses in management and business processes that could be exploited.
Integralis’ threats and vulnerabilities services combine best-of-breed tools with powerful manual analysis to give comprehensive and accurate results. Our dedicated team has a wealth of practical industry experience and has all relevant accreditations to enable our customers to have complete peace of mind. Integralis’ proven track record gives our customers the confidence to make security decisions based on expert advice at executive, IT management and technical levels.
Our approach
Vulnerability Assessment
- Automated testing with manual validation
- Gap remediation advice
- External or on-site assessments
Network Penetration Testing
- Comprehensive testing of internet-facing systems or key internal systems
- Use of extensive tool set with deep manual intervention
Web Application Testing
- Detailed examination of custom websites using tools and manual analysis
- Comprehensive testing of threats (e.g. SQL injection, cross-site scripting)
- Usually performed remotely
PCI ASV Scanning
- Meets PCI DSS requirement for quarterly external scanning by ASV
- Combination of vulnerability assessment and automated web application testing with manual false positive removal
- Combined with other services, fully meets PCI scanning and penetration testing requirements
Wireless Access Testing
- Identification of wireless ingress and egress points (authentic and rogue)
- On-site assessment
- Security status testing of all identified connections
- Meets PCI compliance requirements