Security Services

 
 

We have seen an enormous increase in IT security related regulations for our clients, over the last five years. 

Beyond the regulatory drivers, there is a growing awareness of the security risks present in a post-911, post-NIMDA-virus world. Recognizing that we serve a diverse base of clients in the banking and financial services sector, as well as the corporate sector, we have expanded and re-packaged our computer network security assessment services to provide solutions for a broad spectrum of security concerns.

We now offer a "Ladder" of Security Services from Basic External Penetration Testing to Expanded Internal Vulnerability Assessments, all of which meet third party regulatory testing requirements. We also offer remediation services that "harden" assessment-identified problems and a managed security service.

 

 
 

Basic External Penetration Test:  This service is often referred to as a "White Knight Attack" or "Invited Attack" and is designed to give an organization a snapshot view of how effective the network's external security measures are when put to the test by an experienced hacker using automated hacking tools.

Expanded External Penetration Test: Using a combination of automated and manual tools, an experienced security expert probes your network in greater depth than in the Basic External Penetration Test (described above). Generally performed over a series of days and nights, this assessment identifies known exploits, hardware, software and architectural weaknesses and includes a summary of security vulnerabilities with a prioritized list of areas requiring remediation.  In addition, we assess your public information and provide you with expanded assessment results reporting. 

Basic Internal Vulnerability Assessment: This service is designed to give the client a snapshot view of how effective the client’s network internal security measures are when put to the test by an experienced hacker who has access to the client’s network.  At the client’s locations, we install a special scanning appliance inside the firewall that scans your network to see what we can find.  Findings can include improper server configurations, un-patched software and other network vulnerabilities.  We use an automated means to conduct our analysis. 

Expanded Internal Vulnerability Assessment:  In addition to the Basic Internal Vulnerability Assessment (described above), we conduct a Network Architecture Review, Network Access Control Assessment, identify vulnerable services and provide expanded assessment reporting.

IT Audit: We review all facets of your IT operation including network architecture, server configuration, desktop and end-user management, backup strategy, disaster recovery and policy, service agreements, software license compliance, patch management, problem tracking and virus, spyware, Adware, Spam and encryption solutions.  After the audit is conducted, we send the client a detailed report of our findings, risks and recommendations.

Information Security Planning, Architecting, Design and Support: Denning provides a complete range of information security solutions and outsourced network support available on a project basis or as a recurring service. We have extensive experience in LAN/WAN support, secure network design, backup solutions, firewalls, anti-virus and anti-spam solutions, intrusion prevention, internet content filtering, security policy development and training.

Business Continuity Planning: Denning works with the client's management to consider every critical aspect of its business before creating a plan for how it will respond to disruptions. This is not (normally) limited to IT systems and services, but is enterprise-wide and considers every critical business unit, including personnel and the physical workspace. The process includes conducting a business impact analysis and a risk assessment, followed by a plan for risk management and risk monitoring.

Managed Security Services: Denning offers a managed security service that includes Firewall, Intrusion Detection and Prevention, anti-Virus, anti-Spam and Content Filtering Protection together with a full reporting service.  We also offer patch management systems, and secure ISPs.

 
   

 
     
     
 
 
© Copyright 2009 Denning Compliance Services, llc.