Alpha Technologies is a provider of advanced Cyber Security services in the Private sector, Education sector, Healthcare sector, Government and US military in United States. This proposal is for a Cyber Security assessment project in XYZ organization. The work will cover assessment of different areas which can act as vulnerabilities for XYZ which can be detrimental for the organization or its reputation. Alpha Technologies also provide Cyber Security Services in Industrial Control System (ICS) that support critical infrastructure of United States of America.
SCOPE, APPROACH, AND METHODOLOGY
A network connection to the XYZ’s network will be provided and physical access to the premises will be provided
Appropriate notification will be provided to stakeholders during the assessment so that business is aware of the work being done.
ASSESSMENT ACTIVITIES AND DELIVERABLES
The External Network Security assessment shall include attempts to identify vulnerabilities and risks to the XYZ information system environment from the external internet. After this assessment, a results report will be reviewed with the XYZ technical team
A complete evaluation of the present network infrastructure with industry parameters will be performed and analyzed. Server , Firewall and Router Configurations will be reviewed with network architecture. Vulnerabilities and recommendations will be discussed with XYZ technical team
Wireless network security assessment will be done because wireless network is one of the easy targets to compromise in an organizational security. Combination of different attacks will be performed and results with recommendations will be reviewed with technical team of XYZ
Social Engineering is the act of using coercion and other malicious tactics to gain access to an organization’s data or physical premises. So we are including Social engineering assessment in this assessment. Assessment report with recommendation on some attacks like Onsite Impersonation, phishing attack, dumpster diving, pretext calling and other social engineering attacks will be provided in deliverables
A complete evaluation of present physical security services of building employees, IT assets and sensitive data will be performed. Vulnerabilities and recommendations will be discussed with XYZ technical system
All the present physical security, applications security, system usage, data sharing, IT assets usage and other policies will be reviewed according to market standards. A detailed report will be provided to XYZ management
Web Applications are most important and open to public internet. Web Application Vulnerability Assessment and Penetration Testing (VAPT) identifies the vulnerabilities like SQL injection, Cross Site Scripting in the web application
Industrial Control System supports critical infrastructure that includes Power Industry, Water Industry, and/or Oil/Gas Industry needs to be protected. AlphaIT can assess the security of XYZ Company ICS SCADA system