Security Services

IT Security is essential to your business because it protects you and your customers from malicious users.  A hacker could infiltrate a company server or client to gain access to (secret) company data and servers, but could also give the company bad media attention and brand damage. This causes customer loss and customer lawsuits, and can even result in enormous legal fees.

A proper security audit is the best first step in any IAM project. Gathering information on f.i. security procedures, policies, physical access, system security,... and awareness will expose gaps and weaknesses.

Our employees are certified professionals ranging from Certified Information Systems Security Professional, Certified Ethical Hackers & Licensed Penetration Testers to product certifications from major vendors (IBM, Oracle, Microsoft, etc…). 

What do we offer?

For performing an exhaustive test on an infrastructure, IS4U pentesters will use a commercial vulnerability scanning product (QualysGuard, Nmap & Tenable’s Nessus) extended with manual testing.

The results from these tests are also used in analysis and reporting. By using a commercial scanner product, IS4U can have more assurance concerning the completeness and accuracy of the specific vulnerability scanning activities. Moreover, these commercial products are typically very up-to-date and allow testing for the most recent known vulnerabilities.

We explicitly note that all known denial of service tests will be excluded. High risk vulnerabilities identified by automated scanners will get manually confirmed to exclude a too high level of false positive reporting.

Adequacy of overall control and presence of implemented control measures should be considered during an IT audit. It is important to understand that a positive test report should not create a false sense of security. A tester is limited in scope and more importantly in time. A hacker is not.

The final delivery of the vulnerability assessments or penetration test is the report with all findings. The report will contain a management summary and a more elaborate results section, with details on each identified vulnerability and proposed remediation.

All findings will be categorized and sorted according to our estimate of potential impact towards the organization on server by server basis. This allows for straightforward prioritization in remediation actions per system.

The report will be presented to management during an exit presentation, and if required, a more technical (remediation) explanation can be given towards system administrators. After this meeting IS4U will delete all scanning reports and customer documentation.

Our Partners