Ofisgate Verified Program (OVP)

Security Posture Assessment (SPA)

A proven test methodology to solve your network problem.


How secure is your Network?

It is not a surprise the Information security policy is still not widely practices in most of the organizations today's. In fact, most of them do not have a security policy. How secure is the network? Are the passwords di.cult to crack? Are there audit logs to track who accesses data? These are the questions normally asked among us!

An information security audit (ISA) is one of the best ways to determine how effectively the network security of an organization without incurring high cost and other associated damages of a security incident.

Ofisgate emphasis the important of Information Security Audit. We insist Information Security Audit is the essential network audit for government, private sector or non profit organization. We offer comprehensive Information Security Audit plan, consist of vulnerability assessment and penetration testing. It gives vital security health check on client network and recommend the appropriate security methodology.

Our Vulnerability assessment run scan tests on client’s network and identify entry point that might cause risks, attacks and damages of a security incident. Penetration test is where numbers of attacking software application are being tested on a computer system, network or web application to find vulnerabilities that an attacker could exploit. Auditing reports will be generated afterward based on all the findings and information gathered.

 

Information Security Audit Program

 

Network Security Audit identifying
  • Network Mis-configuration
  • Open Port In Client Network
  • Unknown Port
  • Weird Connections
  • Firewall Configurations & etc.
Database Security Audit identifying
  • SQL/MySQL/Oracle/MS Access/Postgres
  • Default configuration (setting & setup)
  • Connection settings
  • Database settings
  • User Account settings & etc.
Server Security Audit identifying
  • Weak Server Configuration
  • Weak Password Implementation
  • Unpatched services
  • Old Account
  • Unused account
  • Possible Denial of Service (DOS/DDOS) & etc.

 

Web/Application Security Audit identifying
  • Common Holes in Web
  • Bad Password
  • Directory Traversal
  • Old Directory/Folder
  • SQL/MySQL injection
  • Blind SQL/ MySQL injection
  • Cross site scripting
  • Cross site forgery
  • Bad Configuration
  • CGI-BIN Exploit & etc.
Remote Security Audit including
  • External and internal Pen-test for Backdoors
  • Unsecured Open Port
  • Unknown Open Port
  • Old/Unused Services that at risk of exploit
  • Weak security configuration
  • Domain Name Server
  • Trojan, Daemons
  • Brute Force attack
  • SMTP & etc.





 

Find us on Social Media
©2014-2015. Ofisgate Sdn Bhd.