VIVIX PRO-ACTIVE™ CONSULTING SERVICES
Security Assessment
Threat Intelligence
Security DevSecOps
Risk Management
Penetration Testing
Compliance Readiness
PENETRATION TESTING
Penetration testing, as required by an organization’s security audits, is an integral activity to gauge an organization’s level of resistance to security breaches. When performed by a contracted firm, or “Red Team,” penetration testing gives an organization’s security personnel real experience in dealing with intrusions. Similar to a fire drill, a penetration test forces them to develop an effective, working strategy in dealing with unexpected attacks.
SECURITY ASSESSMENT
A proper assessment of an organization’s security posture must be performed at the network level and at the OS and application level. Below are some sample questions that are asked and evaluated with a risk profile based from ALE (annual loss expectancy), or consequences as it relates to a (EF) exposure factor with Risk/Breach.
CONSULTING SERVICES
SECURITY DEVSECOPS
In many organizations today, the DevOps team and the InfoSec team work more closely and innovatively as peers. This is both an advantage and evolution over the traditional requestor/approver relationship between the two groups, allowing security professionals to bring a bigger presence.
RISK MANAGEMENT
A Virtual CISO is flexibly designed to help meet the security requirements within your organization, and does so without the prohibitive costs of a salaried CISO. This is a strategically good approach for small/medium size businesses that simply don’t demand the extensive types of security operations of large enterprises.
THREAT INTELLIGENCE
Signature based intrusion detection is one of the most commonly used methodologies of threat intelligence, but it is not effective on all types of threats, weaknesses, and vulnerabilities.