The emergence of more varied, targeted attack techniques from the malware and hacking communities, combined with growing regulations of organizational security standing — from both government agencies and private industry watchdogs — have resulted in a climate in which businesses are increasingly being required to assess their technological vulnerabilities and security defense mechanisms on a regular basis.Thus, Security Posture Assessment (SPA) is essential for every organization. This exercise will examine and test confidentiality, integrity and availability (CIA) of the information infrastructure used by the organization. International Standard such as MS ISO/IEC 27001:2013 is used as our benchmark while performing our activities.

Assessment activity includes of:

  • Network Architecture and Device Review

  • Internal and External Penetration Test

  • Security Policy and Procedure Development and Review

  • Web Application and Database Assessment

  • Server or Host Assessment

  • User Desktop Assessment

  • Wireless Assessment

  • Physical Assessment

SPA is an important process that pro-actively carried out ensure that the infrastructure and application architecture used is secured from any malicious activities.

SPA Services.pdf