IT organizations often lack the internal resources and expertise to keep up on an ever-changing security and regulatory landscape let alone test and assess their networks, applications and overall security programs. They need help elevating their security profile, reducing risk and achieving compliance with applicable laws and industry mandates.
Dell SecureWorks Testing & Assessments Services provide organizations with the knowledge, expertise and efficiency needed to conduct thorough security and risk evaluations of your environment. We offer testing and assessments that address logical, physical, and technical and non-technical threats to your environment. We can help you identify gaps that create risk, help you construct a stronger security posture, and help you to confidently meet your compliance mandates.
Our security consultants use proven consulting and project management methodologies to deliver superior results to your organization. Besides clear security and technical expertise, our resident consultants understand business, know how to prioritize findings that reflect your business circumstances, and can effectively communicate to your technical and non-technical audiences.
Many organizations self-diagnose the security of their networks, systems and information. This self-diagnosis can fall short as the evaluator has other full-time responsibilities within the organization, often lacks the critical thinking skills and technical tools of a hacker and lacks the external visibility into the nature of real-world threats that could compromise your environment. Understandably, if any initial risk assessment is inaccurate, then the effectiveness of any risk prioritization and remediation will be reduced as well.
Our expert security professionals understand the real risks you face and can help your organization prioritize remediation. With access to our Counter Threat Unit(SM) and Security Operations Centers experts, our security and risk consultants have complete visibility into an evolving threat landscape. As a result, they know what to look for to identify the real, not just theoretical, risks to your business. Our security consultants will then prioritize their findings and provide meaningful recommendations on remediation. This guidance saves you time and effort as you determine the most effective means to mitigate or accept the identified risks.
IT staff are often leveraged beyond any capacity to actually test their security and compliance preparedness against real-world threats. In addition, IT lacks the independence and often lacks the testing expertise needed to conduct detailed testing of their networks, systems and operations.
Dell SecureWorks Testing & Assessments Services security consultants can test your networks, systems, facilities and employees. Through use of “real-world” strategies and tactics, we determine where your security is strong and where gaps exist that could lead to a compromise. In addition, our testing services help you meet your particular compliance requirements.
Dell SecureWorks Testing & Assessments Services include:
Client-side Penetration Testing
This form of penetration testing is focused on applications and processes at the client machine and user level to exposure gaps and vulnerabilities that may exist for hackers to penetrate your networks through.
Enterprise Information Security Risk Assessment
The Enterprise Information Security Risk Assessment service is a global information security assessment of your information security practices. We provide you and management with an evaluation on the state of your global information security program with regard to security and operational processes, procedures, gaps in coverage, as well as identify areas of improvement and provide guidance on a future-state.
General Controls Audit
The General Controls Audit is a review of the governance and controls policies you have in place around your network, infrastructure and data assets. The General Controls Audit is similar to the IT Security Audit except that it does not include testing.
The Information Security Assessment & Risk Analysis service is a risk-based assessment of your information security practices. We provide you and management with an evaluation on the state of your global information security program with regard to security and operational processes, procedures, gaps in coverage, as well as identify areas of improvement and provide guidance on a future-state.
IT Security Audit
The IT Security Audit service evaluates your Information Security Program for compliance with regulatory requirements and security best practices. This includes reviewing your security policies, standards, guidance, procedures and other materials and performing spot checks of controls-in-place where appropriate. The assessment covers a wide area of areas including: Risk Assessment, Analysis and Management; logging and data management; Technical testing of your network to identify gaps and controls weaknesses.
The Mobile Application Security Assessment is a holistic, security and risk assessment of your mobile application or “mobile app." The assessment considers the app running on the mobile device, supporting backend systems and the data flows in-between to provide you a thorough and complete compliance, risk and security assessment.
The Mobile Device Use Risk Assessment examines a specific mobile device use case to assess security and compliance risk to your organization.
Network Security Architecture Review
The Network Security Architecture Review is designed to evaluate the security architecture of your networks and logical security controls you have in place to protect your systems and information assets.
The Open Source Intelligence Assessment service identifies areas of risk to your organization in the cyberworld beyond the borders of your network. The Open Source Intelligence Assessment service provides a point-in-time snapshot and analysis of the risk posed by information accessible across the Internet.
A penetration test determines how well your organization’s security policies protect your assets by trying to gain access to your network and information assets in the same way a hacker would. Penetration testing is sometimes used as a broader term that encompasses numerous techniques and tools, or can be applied strictly to mean testing of a specific logical process.
Social engineering is designed to test the awareness and response of employees to penetration attempts through live and technology-based “social” interactions. Social engineering can help organizations understand if employees represent their weakest link in security preparedness.
The Vulnerability Assessment is designed to identify critical flaws in your network that an attacker could exploit. Our testing methodology is an iterative, multi-phase process by which we assess the security of your network and systems. Testing may include your firewalls, routers or other network infrastructure devices, intrusion detection and prevention systems, web servers, email systems, virtual private networking (VPN) systems, etc.
Dell SecureWorks' Vulnerability Management service leverages QualysGuard technology to perform highly accurate internal and external scans across your network devices, servers, Web applications, databases and other assets in your environment. The service identifies vulnerabilities in your environment and provides detailed analysis and remediation guidance.
Mimicking real-world auto-dialer threats, war dialing seeks to identify, gather information and test vulnerabilities of your modem and fax devices.
Our Web Application Scanning Service leverages QualysGuard Web application scanning technology to help you assess the security of your Web applications and identify flaws that could be exploited by attackers. This service, delivered on-demand, provides automated, self-service vulnerability scanning of internal and external Web-based applications to help you safeguard Web applications, protect sensitive data and satisfy regulatory requirements.
Dell SecureWorks Web Application Assessment Service helps organizations protect information-based assets from threats targeted at web applications. Web application testing incorporates secure coding and testing practices to identify vulnerabilities that may be easily exploited by hackers to bypass traditional security measures.
This service uses a structured and iterative process, testing the network architecture, systems configurations, processes, and procedures that affect your ability to protect your wireless assets from unauthorized access. The service involves performing a site review, conducting configuration reviews of your wireless architecture, technical testing and scanning for rogue access point detection. For PCI cardholder data environments covered within scope, this testing may be used to satisfy relevant Data Security Standard requirements.
3rd Party Diligence
This service involves assessing the security profile of your vendors and affiliates as it relates to systems interactions and custody of private data in order to identify risks to your own organization.
If you would like more information on our Testing and Assessment services, please email UKenquiry@secureworks.com or phone 0870 085 8555 to speak to one of our advisers.