Security Consulting

Vulnerability Assessment / Penetration Testing
Security Gap Analysis
Security Audit
Security Architecture Design Implementation & Testing
Application Testing
SAP Security Audit

Vulnerability Assessment / Penetration Testing
A Vulnerability Assessment is a simple process to determine the current state of security. It usually entails using a standard Vulnerability Scanning tool.
Penetration Testing is the single most effective means by which an organisation can test for security vulnerabilities without actually being breached by an unauthorized perpetrator. Penetration Testing can provide new insights into the security infrastructure, and the points of weakness most likely to be targeted by a hacker .

Back

Security GAP Analysis
Most organizations have information security controls in place. Usually it is a mixture of firewalls, IDS / IPS systems and organizational security policies such as a Email usage / Internet usage . Some organizations must satisfy regulatory compliance requirements, while others want to ensure they are taking all the appropriate steps to keep their data and networks secure.

vAptus can perform a Gap Analysis to establish an organization’s current security policies, standards and procedures, and compare them to compliance requirement. The Gap Analysis helps an organization gain insight into the areas that need Mapping to required Compliance.

Back

Security Audit
vAptus has experienced security practitioners that help companies establish a comprehensive security program by addressing their security organization, deployment strategy and overall security configuration architecture.
Security auditing is the formal examination and review of actions taken by system users. This process is necessary to determine the effectiveness of existing security controls, watch for system misuse or abuse by users, verify compliance with current security policies, capture evidence of the commission of a crime (computer or non-computer related), validate that documented procedures are followed, and the detection of anomalies or intrusions. Effective auditing requires that the correct data should be recorded and that is undergoes periodic review.

vAptus Security Consulting will customize the audit to focus on those areas that concern your organization more. We can also assess your ongoing requirements, including regular problems of your systems, and alerts customized to your organization regarding known security risks with the current systems.vAptus has well experienced technical, certified lead auditor's team to handle the assignments and deliver in time.

Back

Security Architecture & Network Services
Our InfrastrurceConsulting Services group helps you plan, design and implement technical architectures and infrastructure.
The Security solution based on the defined security architecture and the associated security policies are re charted out for implementation during this phase. A detailed activity plan with specific schedule is chalked out. Post implementation, recommendations are given to test for security vulnerabilities and patches and apply them accordingly. The implementation plan ensures that the applications are tested for functionality at each stage.

Output
An implementation plan brief will be delivered for the proposed security architecture framework, which will consist of:
• Details of current systems within the Security Architecture.
• Network diagrams all the details
• Security Framework and configuration details
• Configuration of various recommended security products

Back

Application Security Audit
Application Security Review evaluates the security posture of an application across the development life cycle, enabling you to identify, eliminate, and prevent security risks in the applications that drive your business.

Back

SAP Security Audit
Our auditing services range from very detailed audits (including detailed lists of who can do what, detailed and understandable risk descriptions, conceptual and procedural findings, relevant recommendations, Sarbanes-Oxley internal control impact) to quick scans. Following is a list of some of the areas we review:-

1. Assessing, defining, and making recommendations to the existing SAP security landscape
2. Analyze roles and access provided and develop recommendations on how to best design      roles to meet business and security requirements (i.e. analyze authorization objects).
3. Check for Segregation of duties compliance
4. Security parameters and security relevant internal processes
5. Set up and review risk acceptance
6. Internal security policing policy and tools
7. Custom reporting for auditors and/or audit tools
8. Assist in audit remediation

Back