IshanTech

Vulnerability Assessment (VA)

Our consultants use an exhaustive methodology that clearly points out the weaknesses and deficiencies, from a security standpoint, in any given system. Organizations across the world have to be sure that their systems will run continuously. Vulnerability Assessment is critical for organizations that need to ensure this. The idea is to minimize or, better still, eliminate the chance of a security breach. Organizations feel a particular need in this regard when they are shifting their operations or launching new systems. At, IshanTech , our assessment criteria is comprehensive, our reports are generated in real-time and self-explanatory, and our consultants are 'management friendly', our recommendations being practical, and our data-collection and analysis procedures are swift and accurate.

Enterprise Security Audit

An Enterprise security audit involves a review of all processes and practices followed by an organization looking to ensure enterprise-wide security. Additionally, there will be a technical audit conducted across all the locations and devices in the enterprise. Based on the spread and criticality of the devices being audited, there is a judicious mix of remote and onsite audits. The technical audit uses industry-standard tools as well as custom-developed tools.

Security Code Review (SC)

A security code review assignment involves the rigorous testing of the existing application source code for programming and structural faults that may lead to possible security weaknesses. It requires access to the source code of the sections of the application, or the complete application that is being tested.

Our consultants use an exhaustive methodology that clearly points out the weaknesses and deficiencies, from a security standpoint, in any given system. Organizations across the world have to be sure that their systems will run continuously. Vulnerability Assessmentis critical for organizations that need to ensure this. The idea is to minimize or, better still, eliminate the chance of a security breach. Organizations feel a particular need in this regard when they are shifting their operations or launching new systems. At, IshanTech, our assessment criteria is comprehensive, our reports are generated in real-time and self-explanatory, and our consultants are ‘management friendly’, our recommendations being practical, and our data-collection and analysis procedures are swift and accurate

Application Security Audit

Our consultant would conduct an Application security audit by testing applications remotely over the Internetfor security holes, or testing applications at the customer site on a staging server with higher levelsof access to the application architecture and documentation. We offer this service in two modes:

• Initial ASA (remote)
• Comprehensive ASA (onsite)

Penetration Testing (PT)

Penetration testing is the testing of networks and their components for security weaknesses. Our consultants could carry these tests with no knowledge of the network, or as authorized users having restricted knowledge of the network. The test is conducted remotely via the Internet on the IP address, the URL specified by the client, or at the client site (for internal penetration testing).

• Light perimeter test — Testing the strength of the perimeter from a remote location.
• Full perimeter test — Verifying the security of the perimeter, the servers in the DMZ with remote exploitation of DMZ and accessible internal systems.
• Internal test — The ‘trusted insider’ test, where our consultants launch this test from inside the client’s network, with internal exploitation.