The Security Control Assessment is the testing and/or evaluation of the management, operational, and technical security controls in an information system to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system. Security Control Assessment is the testing and/or evaluation of the management, operational, and technical security controls to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system and/or enterprise. – IT controls are generally grouped into two broad categories:
• General controls commonly include controls over data center operations, system
software acquisition and maintenance, logical security, and application system
development and maintenance.
• Application controls such as computer matching and edit checks are programmed
steps within application software; they are designed to help ensure the
completeness and accuracy of transaction processing, authorization, and validity.
• Strong password policy ITGC
• Encryption of mobile devices ITGC
• Anomaly detection system Application
We collect details related to the version number of your systems and software from internet-wide scanners like Censys, Shodan, Zoomeye etc. These version numbers are converted into the corresponding common platform enumeration number (CPE-ID) and are correlated with NIST NVD and MITRE CVSS databases to detect and approximate any unmitigated known vulnerabilities.
We collect the contents web applications from various internet-wide scanners and analyze them for application level weaknesses i.e. Cross Site Request Forgery, Cross Content Mixing, Plain Text Transmission of Sensitive Information etc. The results are correlated with MITRE CWE database to detect the severity level of each findings.
We generate DNS health report from 40+ control items which are collected from online services like IntoDNS, Robtex, Netcraft and HackerTarget. Since DNS queries are recursive, it is almost impossible to detect a hacker footprints from the DNS servers.
We collect vulnerabilities related to potential email servers and SMTP misconfigurations like open relay, unauthenticated logins, restricted relay, SMTP ‘Verify’ vulnerabilities from the online services like MxToolbox and eMailSecurityGrader.
SSL/TLS configurations and vulnerabilities are provided by several 3rd party online services. The results come from various online SSL grading service like Qualys SSL Labs scanner, HTBridge, Mozilla Website Observatory etc.
There are more than 5 billion hacked email / password available on the internet and underground forums. This section shows the leaked or hacked emails & passwords.
Asset reputation score is based on the number of IPs or domains are blacklisted or they are used for sophisticated APT attacks. The reputation feeds are collected from VirusTotal, Cymon, Firehol, BlackList DNS servers, etc.
Hackers publicize their targets or even victims on social network sites to motivate other hackers to attack the same target. The results are filtered from billions of social media content.
Hackers publicize their targets in underground forums or darkweb. NormShield collects information from hundreds of dark forums, criminal sites and hacktivist sites and filters the results for the corresponding company.
Fraudulent Domains and subdomains are extracted from the domain registration database. The registered domains database holds more than 300M records.
Fraudulent or pirate mobile / desktop applications are used to hack / phish employee or customer data. Possible fraudulent or pirate mobile/desktop apps on Google Play, App Store and pirate app stores are provided.
Digital Footprint is determined by open ports, services and application banners. This information is gathered from NormShield crawlers, Censys, VirusTotal, Robtext, Alexa, Shodan etc.
Company employees may disclose Local IPs, email addresses, version numbers, whois privacy records or even misconfigure a service in a way that it may expose sensitive information to the internet.
Attack surface is the technical analysis of open critical ports, out-of-date services, application weaknesses, SSL/TLS strength and any misconfigurations. This information is gathered from Censys & Shodan database and service / application versions are correlated with Passive Vulnerability Scan results.
IT Security controls consist of Parameter and Network Security devices such as
Routers & Switches, Firewalls, IPS, IDS, E-mail security, WAF, Proxy servers, Endpoint Anti Virus etc.
A thorough assessment of rules and policies setup on the devices assures you that they are working as intended and follow industry standard best practices. An IT Controls Assessment is the best way to find the effectiveness of such controls.
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.