Security Assessments & Advisory Services

Security Assessments & Advisory Services

Adversaries continue to advance their skills and innovate new methods of attack.  In order to protect your organization from attackers it’s important to understand your potential vulnerabilities and address security flaws.  Clients continue to attempt to do more with less, and IT staffs are overwhelmed with maintaining systems while keeping up with security patches, much less proactively identifying emerging threats and evaluating new technology and methodologies.

Core employs a team of CISSPs, Certified Ethical Hackers, and Compliance Consultants that work closely with clients to identify and mitigate risk.  We provide a number of assessment offerings including:

  • Penetration Testing
  • Vulnerabiilty Assessment
  • Web Application Security
  • Wireless Network Security
  • Policy Review & Development
  • Security Awareness Training
  • Regulatory Compilance: PCI, HIPAA, SOX, GLB

 


CASE STUDIES

Client Profile - Financial, Community Bank

Organization Size: 300+ Users, +$700M in Assets

Conversation Driver: Compliance

Core Security Services: Penetration Testing

Security Maturity Level: Medium

Engagement Summary: The client, a community bank in Northern Virginia was required by regulators to conduct annual Penetration Testing. Core conducted a Penetration Test for the client and Core’s testing validated the IT Manager’s concerns – it was all too easy for an attacker to gain access from the outside. With internal access, Core discovered weak access controls that allowed the testing team to elevate privileges, ultimately capturing sensitive customer information. Core partnered with our clients Information Technology Management Team to present to Senior Leadership and their Board, which resulted in an increased Information Security budget for the following fiscal year.

Client Profile - Healthcare, Regional Health System

Organization Size: 6,000+ Users700+ Beds

Conversation Driver: Compliance

Core Security Services: HIPAA Assessment, Penetration Testing, Security Threat Defense Products (SkyHigh, Duo, Varonis)

Engagement Summary: Given the increasing attacks on healthcare organizations coupled with rigorous enforcement by regulators, a regional healthcare services provider in Pennsylvania partnered with Core with the goal of establishing a baseline of their security posture – they wanted to know what they didn’t know. At the client department silos had formed internally, reducing communications between Information Technology and the other business departments, and making it difficult to promote the culture of security necessary for modern healthcare organizations.

With a more complete view of risk and HIPAA Security Rule requirements after Core’s testing, the organization quickly prioritized issues, developed action plans for remediation, and executed. Core partnered with their Information Security department to co-present to the findings to  Senior Leadership, winning approvals from the CIO for increased budgets, headcount, and resources.

 


ADDITIONAL RESOURCES:

Sell Sheet Preview_CoreSecurityAssessments

Core – Security Assessments