Benefits of Security Scans, Penetration Tests
and Ethical Hacking
Primary benefits
OneConsult's technical security audits have the following benefits
for clients:
- Quality assurance through (independent) IT security analysis
- Compliance documentation with respect to legal parameters,
regulations and standards (e.g. ISO/IEC 27001/17799, SOX, IT GSHB)
- Prevention means direct and indirect cost savings (in
the future)
- Awareness building at all levels
- Know-how transfer
- Supporting arguments for future IT security projects
and activities
Technical security audits provide supporting arguments for
future IT security projects. OneConsult GmbH is an ISECOM
Licensed Auditor (ILA), Gold Level, and our security consultants
are ISECOM certified in various areas of expertise (OPST = OSSTMM
Professional Security Tester, OPSA = OSSTMM Professional Security
Analyst, OSSTMM-Trainer), guaranteeing that the tests will be thorough
and professional and that documentation of the results will be informative
and comprehensive.
Secondary benefits
A completed project will provide answers to questions
such as:
- Do the technical measures implemented within the company comply
with legal requirements?
- Have the security measures been successfully implemented?
- Is the firewall configured correctly, and/or are the patches
up to date?
- Is access from home office workstations to the company network
secure?
- Is the mail server or e-shop adequately protected against attacks?
- Is protection against malicious code (e.g. viruses, trojans,
denial-of-service tools) adequate?
- Does the external security provider deliver on its promises?
- Are all the systems in the organization set up in accordance
with the standards or are there also 'illegal' installations?
Maximizing the benefits
To optimize the cost/benefit ratio of technical security
audits, OneConsult recommends the following procedure, which combines
the strengths of the various test types and therefore ensures that
financial and personnel resources are put to the best use:
Each layer contains the results and findings of the
previous layer as a subset. This ensures that valuable project time
is not wasted in the labor-intensive test types (penetration
test, ethical hacking and application security audit).
If you're interested in OneConsult and you'd like
a no-obligation consultation or more information, please contact
us.