RKON security assessments enable organizations to outsource their risk and compliance management to a trusted third party with years of experience managing medium to large networks and adhering to industry best practices. We carefully walk you through the results of the testing to help you understand the issues found—from mission-critical to less-critical—and to execute the next steps.
Below are the typical security assessments we implement for organizations who are seeking to measure their security compliance and improve their overall information security posture.
A complete vulnerability management solution is available for internally and externally available systems. We will scan your environment for over 55,000 known vulnerabilities and exploits. Learn more >
After discovering any vulnerabilities, we attempt to actively exploit them to see if it is possible to breach the organization’s perimeter security. A wide range of penetration testing assessments are available, from a basic external attack assessment to an enterprise-wide assessment. Learn more >
Our audit will help you to uncover the strengths and weaknesses of your virtual infrastructure and test the effectiveness of your current security procedures. Learn more >
A complete web application assessment based on the OWASP Top Ten. Areas tested include code injection, cross-site-scripting, poor authentication, misconfiguration, storage, security certificates, and redirects. Learn more >
Wireless site surveys, secure infrastructure reviews, and penetration testing are available. These assessments help an organization to prepare for secure wireless deployments or validate existing wireless infrastructure. Learn more>
A review of your current security policies is the best start for validating a proper corporate risk analysis. RKON will work with your team to identify areas for improvement in your current policies and/or develop an all-encompassing security policy for your organization.
By reviewing you current perimeter security posture, RKON can determine areas of possible exploitation and make recommendations to reduce your risk footprint. Areas include firewall and IDS/IPS security review, web/ proxy/SMTP filtering, and VPN access.
By performing authenticated scans of your server environment, RKON can determine if you are aligned with accepted security best practices, and areas such as patch management and secure service delivery.
Reviews that perform configuration audits for IOS-based Cisco devices and JunOS based Juniper routers, switches and firewalls.
Assessments developed to test AIX, HP-UX, Linux, Solaris and Windows systems for minimum required PCI configuration settings.
Configuration audits to verify alignment with DoD best practices for Apache, IIS, Solaris, Red Hat, Windows, Mac OSX, Microsoft IE, IBM iSeries
Assessments to test your alignment with industry compliance standards such as: FDCC, SCAP, CERT, DISA, NSA, GLBA, PCI-DSS, and HIPAA standards.
Audits based upon standard Microsoft and *nix security templates. These include best practices for: Abobe Reader, AIX, Apache, Linux Process Accounting and Secure Login, OWASP Top Ten Recommendations, Red Hat, SELinux, Tomcat, VMware ESX, IBM iSeries, Databases (DB2, MS-SQL, MySQL, Oracle), Unix, and Windows systems.
Assessments are available for a wide variety of Control Systems and SCADA from NSA approved vendors.
Audits designed to allow users to determine if an anti-virus package is installed and set to a working state, as well as scan for known trojans and rootkits.
Assessments that validate the current status of the following update software: Windows WSUS, Red Hat Satellite, SCCM Server, and VMware Go Server.
Audits that look for Credit Cards, Social Security numbers and many other types of sensitive data.