The emergence of more varied, targeted attack techniques from the malware and hacking communities, combined with growing regulations of organizational security standing — from both government agencies and private industry watchdogs — have resulted in a climate in which businesses are increasingly being required to assess their technological vulnerabilities and security defense mechanisms on a regular basis.Thus, Security Posture Assessment (SPA) is essential for every organization. This exercise will examine and test confidentiality, integrity and availability (CIA) of the information infrastructure used by the organization. International Standard such as MS ISO/IEC 27001:2013 is used as our benchmark while performing our activities.
Assessment activity includes of:
Network Architecture and Device Review
Internal and External Penetration Test
Security Policy and Procedure Development and Review
Web Application and Database Assessment
Server or Host Assessment
User Desktop Assessment
Wireless Assessment
Physical Assessment
SPA is an important process that pro-actively carried out ensure that the infrastructure and application architecture used is secured from any malicious activities.
