Vulnerability Assessment and Penetration Testing (VA/PT)
VA/PT is a requirement for compliance with standards such as PCI-DSS, or as a part of risk assessment for ISO 27001; regardless, conducting regular VA/PT is deemed a good practice and is usually included in well-designed security programmes. VAPT is included in our security assessments, but we also offer a separate service for specific objectives such as reports for compliance audits. We use VA scanning tools according to the need of the organisation and analyse reports to extract actionable intelligence. In addition to the summary report, we submit recommendations for remediation and a prioritised list of remediation activities.
Topology, Data Flow
Network Access Control
Patching & Anti-Virus
Logging / SIEM