Home | Press | Contact Us | Testimonials | Clients | Sitemap
1.877.899.9974 x20

Vulnerability Assessment
Print Version

Vulnerability Assessment

Penetration Testing of Internal, External and Wireless Infrastructure

Compliance requirements as well as rising threats to the information infrastructure are resulting in businesses conducting vulnerability assessment to establish the state of enterprise security. Such assessment typically includes external, internal, and wireless penetration testing.
ecfirst targets systems, devices and applications as identified in the scope of work. The testing typically includes, but may not limited to, the following types of systems such as the Internet screening router(s), switch(es), firewalls, critical servers such as those in the data center as well as email, Web, and DNS.
At the project initiation meeting, the ecfirst Program Manager and your Point of Contact will determine and verify the scope of the project and deliverables, client personnel responsibilities, data gathering tasks, status meetings, and the handling of project problems. The ecfirst penetration team will devise a plan of attack before the vulnerability testing begins on network. Once the testing begins, we will scan the active devices for vulnerabilities. This typically includes all TCP and UDP ports. The next step is a manual validation of identified findings. The wireless assessment includes identification of rogue devices, open/vulnerability access points and the state of your wireless LAN security.
The information from internal, external and wireless scans then results in a customized report that is created exclusively for your organization that includes details on security gaps that can be exploited and recommended steps for remediation.

OUR COMMITMENT TO YOU

  1. Plan and conduct penetration testing and vulnerability assessment
  2. Analyze vulnerability assessment data
  3. Develop recommendation to remediate discovered vulnerabilities
  4. All penetration testing and wireless war driving work is only executed upon agreed to times/dates
  5. All work is executed with the minimal impact possible to your staff or resources.

YOU NEED TO DETERMINE

  1. Penetration testing for how many INTERNAL IP addresses.
  2. Penetration testing for how many EXTERNAL IP addresses.
  3. Wireless war driving for how many SITES.

OUR DELIVERABLE TO YOU

A detailed report that clearly establishes the state of your enterprise security.  The report will be focused on findings identified as HIGH RISK, MEDIUM RISK or LOW RISK for each of the areas that is in the scope of work (internal, external, wireless).
Fixed Fee with No Expenses: Call for details and a customized proposal exclusively created for your organization.

CONTACT INFORMATION

For a customized proposal to meet your specific requirements, please contact Lorna Waggoner, Director of Business Development at:
E: Lorna.Waggoner@ecfirst.com
P: 1.877.899.9974 x17

About ecfirst

ecfirst delivers world-class information security, regulatory compliance solutions and its professional services team enables businesses address IT staffing challenges every day. With over 1400+ clients, ecfirst was recognized as an Inc. 500 business – America’s Top 500 Fastest Growing Privately Held Business in 2004 – our first year of eligibility. ecfirst assists organizations with their compliance initiatives for a secure information infrastructure that is compliant with regulations such as PCI DSS, HIPAA, Sarbanes-Oxley, ISO 27002, or federal and state legislations. ecfirst serves a Who's Who client list that includes technology firms, numerous hospitals, state and county governments, and hundreds of businesses across the United States and abroad. A partial list of clients includes EMC, IBM, Principal Financial, U.S. Army, U.S. Dept. of Homeland Security, U.S. Dept. of Veterans Affairs and many others.

Information Security & Compliance

ecfirst delivers deep expertise with its full suite of services that include Single Sign-On (SSO), context management, contingency planning/Business Impact Analysis (BIA), vulnerability assessment, as well as managed compliance, security and IT infrastructure solutions. ecfirst has successfully executed fixed price, fixed deliverable, turnkey projects across the United States.

World-class IT Professional Services

The ecfirst Professional Staffing Practice excels in meeting your short and long term requirements for contract professionals in the areas of Web development, system, database and network administration, application development, system architecture, and project management. This practice is distinguished with credentialed staff (PMP, CBCP, CISSP, CSCS, CHSS or others that may be required) that includes deep industry knowledge in the healthcare, financial, technology and government markets.

Compliance and Training Certification

The ecfirst compliance training program is exclusively endorsed by the American Hospital Association (AHA). The Certified HIPAA Administrator (CHA™), Certified HIPAA Professional (CHP) and the Certified HIPAA Security Specialist (CHSS™) certifications are the gold standards in the Industry. The ecfirst Certified Security Compliance Specialist (CSCS) Program is the first and only information security program that addresses all major compliance regulations from a security perspective.
Talk to ecfirst.com and you will find an organization that is passionate about the services we deliver and exceptionally devoted to its clients. For more information, please visit http://www.ecfirst.com.