Security Matterz has a team of consultants and highly accredited technical engineers who are capable of understanding the security needs of customers in order to ensure that the right service or technology solution is delivered to meet those needs.
Security Matterz firmly believes that in order to deliver a solution, it must be capable of a range of professional services that are based on best practice. With this in mind Security Matterz is working within the IT Infrastructure Library (ITIL) best practice framework for support and service delivery.
Our consultants are often involved in projects that demand a totally independent assessment of the situation such as a security review of a network or part of the infrastructure. The result would be a recommendation for a particular solution that would not involve Security Matterz in the delivery process.
Security Matterz has recognized that security is just one of the components of a unified governance strategy. The other main components are compliance, policy, risk management, business continuity and best practices.
We have a wide range of consulting services that enable organizations of all types and sizes to:
- Achieve regulatory and legislative compliance in a cost effective manner
- Review their security architecture, assess and mitigate the risks
- Review, create and enforce security policies cost effectively
- Implement effective change management using best practice
Security Matterz has a team of highly qualified and accredited professional including ISO 27001 lead auditors, CCIEs, CCNPs, MCSEs, CESG CLAS consultants, and PMP project managers.
An Internal Penetration Test seeks to identify vulnerabilities and the extent of these, should an attacker gain access to the internal corporate network.
Internal assessments examine the potential for attack in the event that a Trojan program is brought into the network or a malicious attacker (employee or not) gain access to the LAN/WAN. This service uses the same testing techniques as in the external assessment, but applies them to internal systems, with a test-point on the local LAN, without (router, firewall or IDS/IDP) filtering in-between.
External Penetration Test provides a thorough examination of internet-facing systems from the perspective of a hacker.
This service delivers a view of your internet visible network perimeter from the perspective of a remote external attacker, using a combination of manual testing, investigation, and analysis combined with the use of open source security scanning tools, and manual exploitation of relevant vulnerabilities by experienced consultants.
Fact
over 70 % of IT security breaches are Internal comiing from within the organization
Firewall Audit All business class firewalls, such as the checkpoint, Cisco, or Watchguard firewalls have rules which establish which services should be filtered incoming and outgoing. more
VA vs Pen Test
By way of analogy a Vulnerability Assessment is akin to a report of a building pointing out that certain windows have been left open and the locks on the doors are weak. On the other hand a Penetration Test would report this, enter the window and discover and report a handbag and computer left unattended and attempt to pick the door lock. Both report where to buy self-closing windows and better locks.