Security Testing Services

Build security into your systems

In an increasingly hostile world, information security has become an absolutely integral part of the business value chain, protecting a company’s core reputation and brand value.

Security testing is a broad term that can be dissected into a range of discrete components. These include:

  • Application health-check – attempting to subvert applications by manipulating data inputs, looking for unwanted functionality
  • Source code analysis – looking for poor coding practices or suspicious routines
  • Vulnerability assessment – automated scanning of networks and systems for known vulnerabilities
  • Internal network health-check – attempting to attack the network from inside the enterprise
  • On-host auditing – ensuring the security policies and standards have been rigorously applied on host platforms
  • External network health-check – attempting to attack the network from external locations, including from the Internet
  • Cloud computing health-check – attempting to attack cloud computing services

Planit provides value to our clients through specialised services that cover the entire spectrum of security testing while also helping to minimise business risk. These services are covered under Planit’s three pillars of security:

1. Enterprise Security Architecture Planning and Review
2. Compliance and Governance
3. Security Health Checks

Enterprise Security Architecture Planning and Review

Enterprise Security Architecture (ESA) requires a holistic approach, following a top-to-bottom framework and methodology that defines, designs, develops, deploys and manages security while retaining a close link with business strategy and operational risk management.

It is important that Security Architecture follows a business-driven model, empowering the organisation to do business on its own terms, while ensuring a fully secure environment. As such, when planning security architecture, a balance must be reached with other strategic business requirements including:

  • Cost effectiveness
  • Speedy delivery, scalability and reusability
  • Usability, interoperability, technical integration and supportability
  • Seamless integration with other objectives without conflict

Planit’s ESA services help resolve the business problems caused by a long history of piecemeal implementations. Our Security Consultants look beyond purely ‘security’ to develop a broad vision of your business requirements. They think in business terms at all times, and are able to effectively identify and communicate solutions to your security needs.

Compliance and Governance Planning & Review

Planit offers specialised consultancy and audit services for a wide range of compliance and governance standards and frameworks, including:

  • Federal Information Security Management Act (FISMA)
  • The Health Insurance Portability and Accountability Act (HIPAA)
  • Payment Card Industry Data Security Standard (PCI DSS)
  • National Institute of Standards and Technology (NIST)
  • Banking Law and Regulations (Basel II)
  • Gramm-Leach-Bliley Act (GLBA)
  • Sarbanes-Oxley Act (SOX)
  • ISO/IEC 27001

Security Health Checks

Planit’s Security Health Check service helps to ensure that your information systems protect their data and maintain functionality as intended. Sometimes referred to as ‘Ethical Hacking’ or ‘Penetration Testing’, these highly specialised functions are performed by specialist security testing professionals whose focus encompasses the full lifecycle of ICT systems.

The six basic security concepts covered by our security health-check service are:

  • Confidentiality
  • Integrity
  • Availability
  • Authentication
  • Authorisation
  • Non-repudiation