1.1. Vulnerability Scanning
We use industry-specific tools and techniques to examine your information systems for security gaps and misconfigurations.
1.2. Penetration Testing
We simulate a test attack on your information systems and applications. The focus of the penetration test is to determine how vulnerable your data core is.
1.3. Web Application Assessments
This assessment focuses on a runtime analysis of your internet, intranet, and extranet web-based applications with the intent to expose weaknesses and vulnerabilities within your applications.
1.4. Wireless Network Vulnerability
This on-site assessment will reveal the security gaps in your wireless infrastructure. Solutions are based on detailed logs.
1.5. Incident Post-Mortem Assessment
After an incident has taken place, our experts provide an analysis report for management review. This is a highly valuable report that advises on appropriate countermeasures to prevent recurrence.
1.6. Policy & Procedures Design or Review
Our experts will determine whether existing policies are relevant and up to date based on established security standards such as ISO, ITIL, and COBIT.
1.7. Information Systems Audits
These audits help to identify security gaps in topology causing poor operational practices and system misconfigurations that expose your sensitive information to risk.
1.8. Threats & Risk Assessments
Understanding and assessing risk is one of the most fundamental ways your organization can improve its information security decisions. Our Risk Assessment service formally documents the risks associated with your information systems and sensitive data assets. Periodic risk assessment reports are produced to evaluate change management proposals for operational environments.
1.9. Remediation Guidance
This is an advanced-level process used to mitigate risks and threats. Due to the sensitivity of this process, only senior-cadre security experts conduct the first step, which assesses the level of enhancement recommended for implementation within the security posture.
Achieving compliance with industry standards does not have to be as complicated as it seems. Regardless of the norms, we will guide you through the validation of conformity processes quickly and smoothly.
2.1. PCI DSS
Our experts consult with client organizations (merchants and service providers) that store, process, and transmit payment card data. If your business falls into this category, we can ensure your business practices comply with the Payment Card Industry Data Security Standard (PCI DSS).
2.2. HIPAA, PHIPA or PIPEDA
United States health care institutions are required by law to protect the privacy of Protected Health Information (PHI) by the Health Insurance Portability and Accountability Act (HIPAA). In Canada, it is known as the Personal Health Information Protection Act (PHIPA) and the Personal Information Protection and Electronic Documents Act (PIPEDA). We ensure that your information systems and policies are compliant with HIPAA and PHIPA standards.
2.3. ISO or COBIT
We continuously run a verification process for clients who have adopted the ISO/IEC 27002 framework (Code of practice for information security management) or COBIT (Control Objectives for Information & Related Technology) as part of their overall Information Systems, Risk Management and Security Policy Framework.
2.4. SANS Top 20 CSC
The SANS Top 20 Critical Security Controls (CSC) define and guide strategies for effective cyber defense solutions. It is a valuable checklist that our professionals have adopted to assist Security and IT Managers. These controls help to evaluate how systems and policies respond to threats.
Best Practices Review
Our managed security solution is a robust, technologically advanced, and comprehensive services platform that keeps your sensitive data and infrastructure secured behind the Zartek Vault.
3.1. Perimeter Network Security Device
Firewalls, IDS, and Web Filtering Devices are critical components of your enterprise network security infrastructure.
A Perimeter Best Practices Review is performed to:
3.1.1. Use a relatively simple mechanism to significantly strengthen your organization’s perimeter security and network segmentation
3.1.2. Verify that network segmentation, in fact, meets best practices and supports your business needs
3.2. Server Best Practices Review
It allows us to safeguard your server and applications, with a focus on the following:
3.2.1. Server configuration & Policy configuration Review using CIS/NIST Risk Practices
3.2.2. System Device Hardening – eliminate as many security risks as possible, done by removing all non-essential rules/policies, whitelisting software programs, and services.
3.3. Mobile Security
We offer a Mobile Security Management program that helps organizations build a risk management framework that is inclusive of mobile devices. Delivered by senior consultants with hands-on experience in security management and governance, the program evaluates your readiness for adopting mobile technology with a managed and acceptable level of risk.
3.4. Technology Sourcing & Implementation
Our experts collaborate closely with industry leaders in hardware and software manufacturing to design an advanced-level, sophisticated topology that includes high-performance, robust, and redundant infrastructure for your organization.
1 Contracted hours must be used within twelve (12) months of contract signing.
Crash Course for C Level Suite
- Chief Information Security Officer (CISO)
Training Courses (Onsite or at Zartek training facility)
Visit https://zartekglobal.com/training-modules/ for details
- Chief Information Security Officer (CISO)
- Certified Ethical Hacker
- Network Defense Architect Licensed Penetration Tester
- Advanced Penetration Testing
- Advanced Hacking Hardening Corporate Web Apps
- Advanced Network Defense
- Advanced Mobile Hacking & Forensics
- Advanced Securing Windows Infrastructure
- Certified Network Defender
- Forensic Investigator
- Security Analyst
- Certified Secure Program.net
- Certified Secure Program Java
- Network Security Administrator
- Disaster Recovery Professional
- Security Specialist
- Incident Handler
- Secure Computer User
- Encryption Specialist
FREE HALF DAY SECURITY CONSULTATION²
This is a non-obligatory, free-of-charge offer applicable to new clients only. Allotted time will be used towards contract services with Zartek. The client will receive a vulnerability assessment report at the end of this free service.
Call Us Today to book your time with one of our security experts:
2 A “half day” engagement is equivalent to four (4) hours of consultation.