Contact
raveneye Services | Security Awareness Training | Case Studies | Social Engineering | Incident Response | Professional Certifications | PCI Audit

1.  Vulnerability Scanning Automated checks for known vulnerabilities against a system or systems in a network.

2.  Penetration Testing
Malicious exploitation of vulnerabilities to externally gain privileged access as a hacker would.

3.  Security Risk Assessment
Ethical hacking exploits beginning externally but advancing into Social Engineering techniques to gain privileged access to the internal business.

4.  Security Posture
     Assessment
A comprehensive on-site assessment of systems, policies and business procedures after double-blind and single-blind penetration testing is complete. Includes Security Awareness Training for the entire enterprise at project completion.

5.  Privacy Audit
An assessment of privacy processes using the 10 AICPA privacy framework components. Includes an evaluation of compliance with federal and state privacy laws.

6.  SAS 70 Audit
Third Party Attestation for the purpose of verifying Information Security Policies and Procedures for clients and/or governing authorities. Includes the privileged security inspection of all applications and data within the business.

7.  Incident Response
Emergency response to an information security crisis within the organization, such as information loss, network security breach, malicious employee activity, compromised information by a terminated employee or natural disaster.

8.  PCI Audit
PCI compliance is required of all merchants and service providers that store, process, or transmit cardholder data. See the Payment Card Industry Data Security Standard.

extend

  1. Vulnerability Scanning
  2. Penetration Testing
  3. Security Risk Assessment
  4. Security Posture Assessment
  5. Privacy Audit
  6. SAS 70 Audit
  7. Incident Response
  8. PCI Audit

These services are performed by ethical professionals holding a minimum of CISSP Certification, which was designed by the Information Security Consortium to recognize mastery of an international standard for information security.

The scope of each service is designed to promote compliance with recent Information Security and Privacy Acts, such as:

  • ISO 17799/27002
  • Federal Trade Commission Safeguards Rule
  • Payment Card Industry Data Security Standard
  • Gramm-Leach-Bliley Act
  • Health Insurance Portability and Accountability Act
  • Sarbanes-Oxley Act
  • FERC Critical Infrastructure Protection (CIP) Reliability Standards
  • Government Information Security Reform Act
  • California Security Breach Information Act (SB-1386)
  • Section 522 Privacy and Data Protection (TTIAGGA Act, 2005)
  • Federal Information Security Management Act