sales@ishantech.net +603-79319471


Security solutions are not just a one-time event but it needs to be constantly aligned with business objectives and goals. Web applications and sensitive corporate information are increasingly vulnerable and potential open door to attack by hackers. Organizations have no choice but to deploy technology that specifically secure these critical resources from attack. IshanTech security assessment is customized for your specific needs. Our services review and analyze many different subject areas to ensure that both IT and business functions are headed the same direction.

Access

  • Risk Assessment
  • International Standards Compliance
  • IT Architecture Design & Review
  • Attack & Penetration
  • Web Application Security
  • Security Code Review (SC)
  • Wireless Security
  • Host Security (End Point Security)
  • Database Security
  • Incident Response

Guide

  • Organizational Information Security Strategy
  • Organizational Policy Procedures & Definition
  • Secure Technical Design

Protect

  • Perimeter Security
  • Content Security
  • Intrusion Prevention
  • Secure Authentication (PKI)
  • Secure Remote Access
  • Enterprise Application Infrastructure
  • Operating System Hardening and Baselining
  • Patch & Update Management
  • Total Disk Encryption


Our consultants use an exhaustive methodology that clearly points out the weaknesses and deficiencies, from a security standpoint, in any given system. Organizations across the world have to be sure that their systems will run continuously. Vulnerability Assessment is critical for organizations that need to ensure this. The idea is to minimize or, better still, eliminate the chance of a security breach. Organizations feel a particular need in this regard when they are shifting their operations or launching new systems. At, IshanTech , our assessment criteria is comprehensive, our reports are generated in real-time and self-explanatory, and our consultants are 'management friendly', our recommendations being practical, and our data-collection and analysis procedures are swift and accurate.


An Enterprise security audit involves a review of all processes and practices followed by an organization looking to ensure enterprise-wide security. Additionally, there will be a technical audit conducted across all the locations and devices in the enterprise. Based on the spread and criticality of the devices being audited, there is a judicious mix of remote and onsite audits. The technical audit uses industry-standard tools as well as custom-developed tools.


A security code review assignment involves the rigorous testing of the existing application source code for programming and structural faults that may lead to possible security weaknesses. It requires access to the source code of the sections of the application, or the complete application that is being tested.

Our consultants use an exhaustive methodology that clearly points out the weaknesses and deficiencies, from a security standpoint, in any given system. Organizations across the world have to be sure that their systems will run continuously. Vulnerability Assessmentis critical for organizations that need to ensure this. The idea is to minimize or, better still, eliminate the chance of a security breach. Organizations feel a particular need in this regard when they are shifting their operations or launching new systems. At, IshanTech, our assessment criteria is comprehensive, our reports are generated in real-time and self-explanatory, and our consultants are ‘management friendly’, our recommendations being practical, and our data-collection and analysis procedures are swift and accurate


Our consultant would conduct an Application security audit by testing applications remotely over the Internetfor security holes, or testing applications at the customer site on a staging server with higher levelsof access to the application architecture and documentation. We offer this service in two modes:

  • Initial ASA (remote)
  • Comprehensive ASA (onsite)


Penetration testing is the testing of networks and their components for security weaknesses. Our consultants could carry these tests with no knowledge of the network, or as authorized users having restricted knowledge of the network. The test is conducted remotely via the Internet on the IP address, the URL specified by the client, or at the client site (for internal penetration testing).

  • Light perimeter test — Testing the strength of the perimeter from a remote location.
  • Full perimeter test — Verifying the security of the perimeter, the servers in the DMZ with remote exploitation of DMZ and accessible internal systems.
  • Internal test — The ‘trusted insider’ test, where our consultants launch this test from inside the client’s network, with internal exploitation.