|
How Strong Are Your Defences?
We provide a range of testing or assurance services to clients
both in Ireland and internationally. From our entry level
vulnerability assessment to comprehensive penetration testing
clients can feel secure that they are getting a superior level
of service in terms of technical ability and industry professionalism.
 |
Vulnerability
Assessments |
Vulnerability assessment provides a cost effective
way to test your infrastructure and perimeter defenses
for weakness... |
|
Penetration Testing
(Ethical Hacking) |
| The Hacker-Eye View Of Your Network. Probing of a
particular system and exploitation of vulnerabilities... |
|
SafetyNet Program |
| Security Is A Process Not A Once Off Engagement. A
vulnerability assessment program... |
|
Application Security
Testing |
| Application security testing is a useful method to test for any weaknesses in your application.
Rits provides comprehensive testing programs.
|
|
Server Hardening |
| Strong Configurations Mean Secure Systems. We understand
the problem of inherent vulnerabilities in operating
systems... |
|
PCI Data Security Standard |
| Rits can assist you to comply with the PCI Data Security Standard |
Vulnerability
Assessment
Entry Level Perimeter Defence Tests
Vulnerability assessment provides a cost effective way to
test your infrastructure and perimeter defenses for weakness.
Our team will utilise 'best of breed' tools to detect and
identify technical vulnerabilities that can be exploited
by intruders to gain access to the network. Once the assessment
has been completed, our team analyses the findings and a
full report is provided, identifying your current risk levels,
and recommending the appropriate countermeasures.
The service is based on the number of externally
facing IP's which you would like tested examples of these
could be your office Internet connection or an externally
hosted website. Other network elements  ,
which can be tested, include dial-up, RAS and VPN access points. More proactive and intrusive than a vulnerability
assessment. Probing of a particular system and exploitation
of vulnerabilities.
What is penetration testing?
Penetration testing is a formal approach
to probing a computer or network system for weaknesses. The
penetration test team, (Tiger Team) utilise the same procedures
and techniques that real hackers do, using automated tools,
live penetration attempts by test team members, as well as
a variety of conventional and unconventional access methods
The object of penetration testing is to provide
an informed view of the resilience of the security sub-systems
and to support such views with evidence of the vulnerabilities,
which can be analysed to determine suitable countermeasures.
A penetration test ends with a report to
the affected line management on the results uncovered by the
test, including recommendations to resolve or mitigate these
vulnerabilities, in order to reduce risks to an acceptable
level.
Key Benefits
· Independent verification of
security stance
· Identify and rectify holes and vulnerabilities
· Formal Approach
· Recommend countermeasures
Why do it?
When your site is under attack, you can't
afford the time to learn those security skills you've been
putting off.
As more companies and people are connected
to the Internet, the numbers of hacking incidences are growing.
With greater numbers of users surfing, more hackers are appearing,
knowledge is being shared across the net and fledgling hackers
('script kiddies') are learning faster as exploits are published
without any apparent control.
Yet security saves money! Many companies
pay three times over for insecurity. Losses are suffered through
security failure; costs are incurred recovering from the incident;
followed by more costs to secure systems and prevent further
failure. There is direct financial benefit from good security
and indirect savings as well.
When should you do it?
Unless you have performed one recently, and
have amended all known vulnerabilities, the time to do it
is now.
Because your network is a constantly changing
environment, every time you make a change in your system you
run the risk of opening up new holes. Therefore the need to
constantly keep a security policy up to date is imperative.
Security is not a once off issue. Rits offer a penetration
service that can include ongoing testing throughout the year,
specific
to the needs of each customer. SafetyNet Program
Security Is A Process Not A Once Off Engagement
A vulnerability assessment program against your organisation's
defenses which provides expert analysis of the findings
and recommendations to mitigate these issues.
Ongoing subscription service that betters equips a customer
to proactively manage new threats
With SafetyNet, customers enroll in a program that allows
them to choose the frequency of assessments: quarterly,
monthly, or weekly according to their needs
'Industry leading consultants scrutinising
your defenses on a regular basis'
The SafetyNet program provides security vulnerability detection
and analysis for devices on a network, by a team of highly
skilled professionals. The team works with you to provide
the advice, analysis and expertise that you need to maximise
the effectiveness, security and performance of your network.
Why test my network?
A security assessment of your corporate network allows
you to quantify the risks associated with open computing.
Common misconceptions: 'I
have a Firewall, therefore my network is secure'.
Not necessarily. A firewall is an essential part of a network
security infrastructure, but simply plugging in a firewall
and hoping for the best is risky. If your servers are poorly
configured and security policies are lax, an attack is likely
to succeed.
SafetyNet - Why do it?
· Peace of mind
· Independent assessment by security experts
· Confirmation of security status
· Detect new vulnerabilities in a timely manner
· Highlights vulnerabilities introduced by change
· Detect configuration errors
· Compliance with best practice - Legal mitigation
· Risks associated with user activity
· Cyber liability insurance benefit Application Security
Testing
Start As You Mean To Go On...
When developing software applications, security
must be considered during the planning stage, as security
features need to be built into system design rather than "pasted
on" after the fact. For more information on the range of our services visit our
application security consultancy section We can help with the training of developers
in best practice; advise
through out the development process, and test the end product. Server Hardening
Strong Configurations Mean Secure Systems
We understand the problem of inherent vulnerabilities in
operating systems and can address them confidently resulting
in strong system configurations.
Weaknesses and vulnerabilities that exist on your servers
are potential hazards that can give access and control permissions
to the wrong people.
Server Hardening is a means by which a system is "locked-down"
to make it as impregnable as possible. Needless to say consideration
in maintaining a balance, between operational convenience
for the users and your security strategy, is imperative.
Why do it?
Statistics show that more than 80% of breaches originate
inside the organisation. These risks can take multiple forms.
Unscrupulous employees may be searching for organisational
advantages. A disgruntled employee may be co-opted by an
industrial espionage agent, or a contractor, given access
to corporate information may make illicit copies of files.
From the outside in, a firewall must be configured
to allow or deny traffic. However, attacks that can bypass
or circumvent a firewall will have free reign over the information
on your servers. Thus the need to provide security features
for internal computers must also be employed as
part of your overall security policy. | 
