Network Security Assessment
This task is concerned with assessing the setup and configuration of the internal network devices and network services as this is one of the most important security concerns every organization need to handle. The basic configurations of every device over the network really determine the actual security posture of the whole organization. It is considered the first security layer and the first door to the organization information.
Systems Security Assessment
ZISS performs advanced System Assessments on each Server and host in the Internal Infrastructure, checking every single and main category on the running platforms and making all the researches, further investigation and interviews with the development and administration teams to get the best output of the assessment, verifying all the steps according to the operating system and running applications. Finally, delivering a customized report that suits the business environment of the organization, all with overall description of any vulnerability or incident found with customized full detailed recommendations and tweaks for configuring and securing these Servers and hosts for better overall IT security.
Web Applications Security Assessment
Many of the data compromises experienced by organizations are related to poor development, configuration and implementation of web based applications. A website application vulnerability assessment involves ZISS web application security experts performing a thorough examination of your web-based applications (internally or externally facing) for vulnerabilities in development and implementation including the 'OWASP Top Ten'.
VOIP Security Assessment
Many organizations are simply blinded by the huge potential savings from VoIP and fail to understand or recognize the inherent risks associated with it. VoIP Penetration testing will strongly help TE-Data to build, audit and assess its VoIP implementations to reach a trusted secure VoIP infrastructures. During the test, ZISS will try to exploit every possible attack mechanisms that can impact TE-Data’s VOIP services and VOIP connectivity with local/international service providers and will attempt to access privileged information or systems by exploiting weaknesses in the VoIP network. Additionally the test will include exploiting the weakness and vulnerabilities of the RSG (Remote Service Gateway) service which permits remote users and interfaces access to Key Telephone System over broadband IP networks.
IVR Security Assessment
Interactive Voice Response (IVR) is a technology that allows a computer to detect voice and dual-tone multi-frequency signaling (DTMF) keypad inputs. The new IVR systems are integrated with the e-banking system. Hence, it needs to be assessed for security vulnerabilities. ZINAD IT Security Services Team (ZISS) will provide a full IVR system security assessment. The IVR system consists of multiple components that need to be inspected. Therefore, the assessment is broken down into phases.
Database Security Assessment
Database is what holds the backend information of IT systems. ZISS audits database management systems (DBMS) that holds the core of system information. In this phase, the database tables, accounts, roles and stored procedures are assessed against security best practices and known vulnerabilities.