Threat Assessments and Tests


Using a tailored approach to security assessments, testing, and training, our team of Certified Information Systems Security Professionals (CISSP) helps organizations understand how to secure their critical systems. Whether you’re a Fortune 500 company, a small local business, or anything in between—BTB will help take your information security to the next level.

Choose Your Assessment Type

Governance Assessment

What is a governance assessment?

In the context of information security, a governance assessment helps determine whether your company's security investments and objectives are aligned with the overall goals of the business.

How is BTB Security’s governance assessment unique?

Our assessment takes into consideration more than just the function of information technology within your organization. We take a holistic approach to understanding other influences as well.

Some of the other contributing factors we review include:

  • Information Security and Risk Management
  • Access Control and Network Security
  • Operations Security
  • Physical Security
  • Business Continuity and Disaster Recovery

We take a look at what’s working (and what’s not) to advise on the best approach to improving your security posture while also maintaining any required compliance.

We work with clients to establish a baseline scoring mechanism (or an alternative metric) that will allow you to demonstrate year-over-year improvements to your leadership team.

Penetration Testing

What is penetration testing?

Your organization has likely invested a lot of money in security controls (firewalls, intrusion detection and prevention systems, antivirus, anti-spam and anti-spyware software) and in training your team to use these tools effectively. Penetration testing is the most direct way to evaluate whether these investments actually work together to protect your internal systems.

How does BTB Security conduct penetration testing?

In essence, we attempt to “hack” your systems and data by exploiting vulnerabilities to assess the security posture of your organization. Our team understands the architecture used in all sizes of organizations, so we engineer an attack plan based on your unique environment. We perform a logical, physical, and social analysis of the environment to identify security vulnerabilities.

We use tactics such as:

  • Technical testing of internet-facing systems and devices (websites, remote access, routers, firewalls, etc.)
  • Social engineering of employees (phishing, phone calls, etc.)
  • Technical testing of internal systems and devices
  • Physical testing of facility security (data centers, buildings, secure areas, etc.)

Our technical testing methods range from simple password guessing to complex buffer overflows and SQL injection. Social engineering and physical testing methods may include designing phishing emails and sites, calling help desk personnel, and tailgating (piggybacking) into an entryway. We not only leverage existing tools and techniques, we also develop many of the tools and techniques used to exploit vulnerabilities in your environment.
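SQL injection, named above as one of the technical testing methods, is easiest to understand from a vulnerable query placed next to its fix. The following is an added example written for this page, not BTB Security's code or a client application: it builds a constructed in-memory SQLite users table, then shows a login lookup that splices user input into the SQL text and the same lookup with bound parameters. The password "hashes" are placeholder strings, and the caller supplies the hash only to keep the example short; real code would fetch the stored hash and verify it with a constant-time comparison.

```python
"""Login lookup: a SQL-injectable query beside its parameterized fix.

Added example, not BTB Security's code. Uses an in-memory SQLite database
with a constructed users table so it runs offline.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample data; the pw_hash strings stand in for real hashes.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, pw_hash TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "hash-of-alice-pw", "admin"), ("bob", "hash-of-bob-pw", "user")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, pw_hash: str):
    # String formatting lets attacker-controlled text become part of the SQL grammar.
    # username = "alice' --" turns the rest of the WHERE clause into a comment,
    # so the password check is never evaluated.
    sql = (
        "SELECT username, role FROM users "
        f"WHERE username = '{username}' AND pw_hash = '{pw_hash}'"
    )
    return conn.execute(sql).fetchone()


def login_hardened(conn: sqlite3.Connection, username: str, pw_hash: str):
    # Bound parameters keep user input as data; the query shape is fixed by the code.
    sql = "SELECT username, role FROM users WHERE username = ? AND pw_hash = ?"
    return conn.execute(sql, (username, pw_hash)).fetchone()


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", login_vulnerable(db, "alice' --", "wrong"))   # admin row, no password
    print("hardened:  ", login_hardened(db, "alice' --", "wrong"))     # None: no such user
```

Against the vulnerable function the input `alice' --` returns the admin row without knowing the password; the hardened function looks for a user literally named `alice' --` and finds nothing. A tester reports the first behaviour as a finding and the second as the remediation.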

We want to help you understand how an attacker might target your information resources, employees, and facilities as well as how to defend your organization from these attacks.

Do you have questions about penetration testing? Download our Penetration Testing overview for more information.

Vulnerability Assessment

What is an information security vulnerability assessment?

This type of assessment helps you identify the weaknesses in your existing information technology environment that an attacker could exploit, by reviewing that environment extensively.

What’s covered in a vulnerability assessment from BTB Security?

We are nothing if not thorough. We provide you with a comprehensive list of actionable security concerns to address, along with expert recommendations as to how you should fortify your security.

We consider all major aspects of your current IT infrastructure, including:

  • Administrative procedures
  • Operating system security
  • Network architecture design
  • Software security
  • Information security oversight
  • Vulnerability management
  • Incident management

As we conduct your vulnerability assessment, we gain an understanding of your business, how technology supports it, and how to effectively secure it. We are not simply looking for weaknesses—we are also identifying strengths in your security program. We want to help you leverage those strengths to mitigate any uncovered weaknesses and improve your overall security posture.

Want to learn more? Download our Vulnerability Assessment overview.

Application Security Assessment

What is an application security assessment?

This assessment is designed to ensure that your application is properly designed and deployed to deliver its intended business logic, enforce its security controls, and protect the data it handles.

How does BTB Security handle application security assessments?

We work to uncover any and all vulnerabilities present in your application and its environment. Our expert team reviews your application and works alongside you to identify and eliminate security risks within your application.

We start by conducting interviews with key personnel and business owners, including:

  • Network engineering / operations
  • System engineering / operations / administration
  • Development
  • Security / Compliance / Risk Management

We then assess:

  • Architecture review
  • Network device configuration
  • Platform configuration
  • Application configuration (e.g., database, web services)
  • Review of related policies and procedures
  • Application access control
  • Software Development Life Cycle (SDLC)
  • Manual and automated review of the application with different access levels
      • Black box testing (no credentials or knowledge of the application)
      • White box testing (access to credentials and source code)

Download our Web & Mobile Assessment overview for more information about this service.

Mobile Application Assessment

What is a mobile application assessment?

This assessment is essentially the same as an application security assessment, but it is specifically targeted at mobile applications.

Why request a mobile application assessment from BTB Security?

As with our other security assessment services, we are very thorough. With BTB, you can be sure that the security of your mobile application will be rigorously tested (without breaking the bank).

Our assessment includes:

  • Interviews with all relevant stakeholders
      • Business owners
      • Network engineering / operations
      • System engineering / operations / administration
      • Development
      • Security / Compliance / Risk Management
  • Architecture review
  • Network device configuration
  • Platform configuration
  • Hands-on testing
      • Mobile device application (e.g., Apple iOS, Android, Windows, BlackBerry)
      • Web services interface
      • Administrative interface (web and/or application)

Our team works to identify strengths and weaknesses in all aspects of your mobile application—from business logic to user experience—and then we provide you with an actionable list of security findings and recommendations for mitigation.

Check out our Web & Mobile Assessment overview for more information.

BYOD Security Assessment

What is a BYOD security assessment?

The concept of Bring Your Own Device (BYOD) has gained traction in recent years because of its productivity, convenience, and cost benefits. While it is appealing for many businesses, BYOD carries significantly higher information security and privacy risk, because employees handle sensitive data on personal devices the organization does not fully control. This assessment identifies to what extent BYOD within your organization may be putting your data at unnecessary risk.

Why do I need a BYOD security assessment from BTB Security?

We want to enable you to enjoy the positive benefits of using BYOD while mitigating the associated negative implications on the information security of your organization.

During our assessment, we cover:

  • Mobile device policy review
  • Hardware/Software version enforcement
  • Encryption enforcement
  • Lost device security
  • Application control
  • Mobile Device Management (MDM) strategy
  • WiFi for mobile device review

Our experienced team helps you quickly assess your in-place controls, define your strategy, and integrate the supporting technology and processes into your organization.

Firewall Assessment

What is a firewall assessment?

Your firewall is still one of your most important tools for protecting your network and is usually the first line of defense against attacks, so it needs to be properly installed, maintained, and regularly assessed by a professional. Temporary rules that are never removed, devices inherited through acquisitions, and improper administration all lead to an inadequate rule base. Assessing your firewall identifies these weaknesses so you can take action to fix them.

What does a firewall assessment from BTB Security look like?

One of our certified information security experts reviews your firewall and makes recommendations for improvement. We’ve tailored this service to address these typical concerns:

  • Common configuration issues
  • Rule-set configuration (ingress and egress across network boundaries)
  • Static and dynamic NAT rules
  • Segmentation (e.g., DMZ, internal security zones) of the networks protected by firewalls
  • High availability and fail-over capabilities

After the assessment is complete, we provide you with a detailed analysis to help reduce risks and increase security between defined zones.
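The rule-set checks listed above are mechanical enough to show in code. The following is an added example written for this page, not BTB Security's tooling: it reviews a small, constructed, vendor-neutral rule base (IPv4 only, evaluated top-down with first match winning, and an assumed internal range of 10.0.0.0/8) for four of the typical concerns, namely any-any permits, rules shadowed by an earlier rule, permits that give internal hosts unrestricted egress, and the absence of an explicit final deny. In an engagement the rule base is exported from the device and normalized into this shape first.

```python
"""Rule-base checks that a firewall assessment performs: any-any permits,
shadowed rules, unrestricted egress, and a missing final deny.

Added example, not BTB Security's tooling. The rule format is a simplified,
vendor-neutral list constructed for this example (IPv4 only).
"""
import ipaddress
from typing import Dict, List

ANY = ipaddress.ip_network("0.0.0.0/0")
INTERNAL = ipaddress.ip_network("10.0.0.0/8")   # assumed internal address space
ANY_RULE = {"src": "any", "dst": "any", "svc": "any"}

# Constructed sample rule base. Rules are evaluated top-down, first match wins.
SAMPLE_RULES: List[Dict] = [
    {"id": 10, "src": "any", "dst": "10.1.1.0/24", "svc": "tcp/443", "action": "permit"},
    {"id": 20, "src": "any", "dst": "10.1.1.10/32", "svc": "tcp/443", "action": "permit"},
    {"id": 30, "src": "any", "dst": "any", "svc": "any", "action": "permit"},
    {"id": 40, "src": "10.0.0.0/8", "dst": "any", "svc": "any", "action": "permit"},
    {"id": 50, "src": "any", "dst": "10.1.2.0/24", "svc": "tcp/22", "action": "deny"},
]


def _net(spec: str) -> ipaddress.IPv4Network:
    return ANY if spec == "any" else ipaddress.ip_network(spec, strict=False)


def _covers(a: Dict, b: Dict) -> bool:
    """True when every packet rule b would match is already matched by rule a."""
    return (
        _net(b["src"]).subnet_of(_net(a["src"]))
        and _net(b["dst"]).subnet_of(_net(a["dst"]))
        and (a["svc"] == "any" or a["svc"] == b["svc"])
    )


def review_rules(rules: List[Dict]) -> List[Dict]:
    findings: List[Dict] = []
    for i, rule in enumerate(rules):
        permit = rule["action"] == "permit"
        # 1. A permit that covers all sources, destinations and services.
        if permit and _covers(rule, ANY_RULE):
            findings.append({"rule": rule["id"], "check": "any-any-permit",
                             "detail": "permits all traffic between all addresses"})
        # 2. Internal hosts allowed out to anywhere on any service (no egress filtering).
        if (permit and _net(rule["dst"]) == ANY and rule["svc"] == "any"
                and _net(rule["src"]).overlaps(INTERNAL)):
            findings.append({"rule": rule["id"], "check": "unrestricted-egress",
                             "detail": "internal sources may reach any destination on any service"})
        # 3. Shadowing: an earlier rule already matches everything this one would.
        for earlier in rules[:i]:
            if _covers(earlier, rule):
                findings.append({"rule": rule["id"], "check": "shadowed",
                                 "detail": f"never evaluated; rule {earlier['id']} matches first"})
                break
    # 4. The rule base should end with an explicit deny-all (cleanup) rule.
    if not rules or not (rules[-1]["action"] == "deny" and _covers(rules[-1], ANY_RULE)):
        findings.append({"rule": None, "check": "no-default-deny",
                         "detail": "rule base does not end with an explicit deny any any"})
    return findings


if __name__ == "__main__":
    for f in review_rules(SAMPLE_RULES):
        print(f"rule {f['rule']}: {f['check']} - {f['detail']}")
```

On the sample rule base the review flags rule 30 as the "temporary" any-any permit, shows that it shadows both the egress rule 40 and the SSH deny in rule 50 (so that deny never fires), flags rule 20 as shadowed by the broader rule 10, and reports that the rule base has no cleanup deny at the end. Shadowing is checked only against single earlier rules; a rule shadowed by the union of several earlier rules needs a fuller set-based comparison.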

Database Security Assessment

What is a database security assessment?

A database security assessment provides you with an expert view of the function, technical configuration, architecture, patching, monitoring, and administration of the database management systems (DBMS) that run your organization. This type of assessment can be conducted on Microsoft SQL Server, Oracle, DB2, Notes/Domino, MySQL, or any other database system.

Why choose BTB Security for my database security assessment?

Our certified professionals will help you ensure that your key data is protected as part of your security strategy.

Our assessment includes:

  • Interviews with key stakeholders
      • Database administrators (DBAs)
      • Security / Compliance / Risk Management
      • System administrators
  • Policy, standards, and procedures review
  • Database platform review
      • Schema
      • Security controls
      • User accounts
      • Vulnerability identification

We will efficiently identify the strengths and weaknesses in all aspects of your database architecture, from policy to implementation, and provide you with an actionable list of security findings and recommendations for mitigation.

Physical Security Assessment

What is a physical security assessment?

As the name implies, a physical security assessment takes a look at what measures are being taken to keep your employees, critical areas, equipment, and information safe. While technical controls can be implemented to restrict logical access to an information resource, physical controls are just as important to prevent theft or destruction.

How does BTB perform a physical security assessment?

We attempt to infiltrate your facilities using common tactics that actual intruders might use. We evaluate how an attacker might bypass any current security equipment to gain access to your equipment or data, assessing things such as:

  • Camera / DVR Systems
  • Alarm Systems
  • Badge / Keycard Access
  • Perimeter Security
  • Fire Suppression / Building Exit Strategy
  • Backup Power
  • Environmental Controls
  • Employee Awareness

We evaluate the controls in place, identify gaps and areas of improvement, and establish a remediation plan to improve your organization's physical security strategy.

Risk Assessment

What is a risk assessment?

Risk assessments (or IT risk assessments) help identify the security threats that pose the greatest risk for an organization.

How does BTB Security handle risk assessments?

We help you create a baseline for your IT risk management program so you can track improvement over time. The process is tailored to evaluate your environment against security best practices (e.g., the ISO/IEC 27000 series) as well as specific regulatory requirements (e.g., GLBA, HIPAA, FISMA, SOX). We complete the assessment through:

  • Information Gathering
  • Identification of Information and Information Systems
  • Information Analysis
  • Classification and Ranking
  • Threat and Vulnerability Assessment
  • Controls Evaluation
  • Rating of Risks

A risk assessment will provide a better understanding of the risks posed to information systems, so we can provide actionable recommendations for applying appropriate security controls.

Virtualization Assessment

What is a virtualization assessment?

A virtualization assessment tests the security posture of virtualized infrastructures.

What is BTB Security’s approach to virtualization assessments?

We take a look at physical and logical architecture, as well as hypervisor security and administration. Our team completes a thorough review of security policies, administrative practices, and operational procedures, including:

  • User and resource security
  • Access controls
  • Network configuration
  • Data store segregation
  • Platform security
  • Security monitoring
  • Security policy management
  • Change management
  • Asset management
  • Patch management

We want to help you improve security of virtualized environments without losing the positive benefits of using the technology.

Cloud Readiness Assessment

What is a cloud readiness assessment?

A cloud readiness assessment determines to what extent your organization could safely and securely transition to a cloud-based environment without undue risk to your data.

Why should I choose BTB Security for my cloud readiness assessment?

We will perform a comprehensive review of your cloud goals, operations, and technology and highlight the risks and appropriate mitigation techniques to support the secure use of a cloud environment. Our thorough investigation includes:

  • Interviews with all relevant stakeholders
      • Business owners
      • Network engineering / operations
      • System engineering / operations / administration
      • Security / Compliance / Risk Management
  • Architecture review
  • Network device configuration
  • Platform configuration

We want to give you the guidance you need to safely function in your current cloud-based environment (or set you up for success in transitioning to one).

Shared Assessment

What are Shared Assessments?

Shared Assessments is a program that gives organizations a standardized way to obtain a detailed report on a service provider's controls for security, privacy, and business continuity. Service providers that store, process, or transmit personally identifiable information (PII) are inevitably asked to complete a variety of client questionnaires about those controls. By using Shared Assessments, service providers and assessment firms save time, resources, and money by reducing redundancy and increasing efficiency in the vendor assessment process.

How can BTB Security help me with Shared Assessments?

We can help you identify and remediate the gaps and put you on track to use the Agreed Upon Procedures (AUP), the standards the Shared Assessments program applies when conducting an onsite audit of a service provider. The benefit is that the service provider can then share the resulting report with multiple clients, alleviating the need for separate audits or for responding to additional client questionnaires.

Social Engineering

What is social engineering?

In the context of information security, social engineering is the use of psychological manipulation to persuade people to give up information or access (for example, phishing emails).

Why does BTB Security use social engineering when assessing information security?

We utilize social engineering as part of our Penetration Testing service or as a stand-alone exercise. We use tactics such as phone calls or phishing exercises in an attempt to elicit sensitive information, or even attempt to physically breach your building or a secure area. We identify gaps and make recommendations that can be used to improve employee awareness and physical security.


Training

What types of information security training does BTB Security offer?

We provide training at all levels within your organization to help establish a well-rounded security awareness program in any industry. Our training comes in a variety of convenient formats, both on- and off-site, such as classroom-style sessions, web-based meetings, or computer-based training, and is flexible enough to meet your needs. We can educate your team about:

  • General security awareness
  • Security awareness (for IT administrators / personnel)
  • Secure coding training (for developers)
  • Security skills training (for security engineers / analysts)

VPN Assessment

What is a VPN assessment?

This assessment evaluates the increasingly complex sets of connections, roles, rules, and access permissions that comprise an organization's Virtual Private Network (VPN).

How does BTB Security conduct a VPN assessment?

We deliver an independent review of your organization's technical infrastructure, policies, and administrative procedures. During this test, we assess:

  • User and resource security
  • User role-based access control
  • Network configuration
  • Network segmentation and access control
  • Security monitoring

We make practical recommendations to optimize and enhance the effectiveness of your VPN.

Wireless Security Assessment

What is a wireless security assessment?

A wireless security assessment identifies vulnerabilities within your wireless infrastructure.

How does BTB Security perform wireless security assessments?

We provide a comprehensive wireless security assessment to identify the wireless vulnerabilities present in your environment. We conduct interviews with key personnel, and then evaluate:

  • Configuration of wireless controllers and access points
  • VLAN configuration review
  • Architecture Design
  • Multi-SSID access (for employees and guests)
  • Encryption
  • Fine-grained access control (802.1X)
  • Monitoring and event correlation
  • Wireless site survey
  • Rogue wireless access point identification and removal
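Rogue access point identification in the list above comes down to comparing what a site survey hears against what the WLAN controller says should be on the air. The following is an added example written for this page, not BTB Security's tooling: the corporate SSID policy, the authorized BSSID inventory and the scan rows are all constructed here (in an engagement they come from the controller and the survey tool), and the classification distinguishes an evil twin advertising the corporate SSID from an unknown BSSID, a lookalike SSID, an authorized radio broadcasting weaker security than policy requires, and a plain unknown AP that still needs location or wired-side correlation before it is called rogue.

```python
"""Rogue and misconfigured access point identification from a wireless scan.

Added example, not BTB Security's tooling. The SSID policy, the BSSID
inventory and the scan rows are constructed for this example.
"""
import re
from typing import Dict, List

# SSID -> security the policy requires (constructed).
CORP_SSIDS: Dict[str, str] = {"ACME-Corp": "WPA2-EAP", "ACME-Guest": "OPEN"}

# BSSID -> SSID it is authorized to broadcast, from the controller (constructed).
AUTHORIZED: Dict[str, str] = {
    "00:11:22:33:44:01": "ACME-Corp",
    "00:11:22:33:44:02": "ACME-Guest",
    "00:11:22:33:44:03": "ACME-Corp",
}

# Constructed scan rows, one per beacon heard during the survey.
SCAN: List[Dict] = [
    {"bssid": "00:11:22:33:44:01", "ssid": "ACME-Corp", "security": "WPA2-EAP", "channel": 36},
    {"bssid": "00:11:22:33:44:02", "ssid": "ACME-Guest", "security": "OPEN", "channel": 1},
    {"bssid": "00:11:22:33:44:03", "ssid": "ACME-Corp", "security": "WPA2-PSK", "channel": 44},
    {"bssid": "DE:AD:BE:EF:00:01", "ssid": "ACME-Corp", "security": "WPA2-PSK", "channel": 6},
    {"bssid": "DE:AD:BE:EF:00:02", "ssid": "ACME_Corp", "security": "OPEN", "channel": 11},
    {"bssid": "C0:FF:EE:00:00:01", "ssid": "NETGEAR42", "security": "WPA2-PSK", "channel": 6},
]


def _norm(ssid: str) -> str:
    """Collapse case and punctuation so 'ACME_Corp' and 'acme corp' compare equal."""
    return re.sub(r"[^a-z0-9]", "", ssid.lower())


def classify(scan: List[Dict], authorized: Dict[str, str], corp_ssids: Dict[str, str]) -> List[Dict]:
    lookalikes = {_norm(s) for s in corp_ssids}
    results = []
    for ap in scan:
        bssid, ssid = ap["bssid"].lower(), ap["ssid"]
        if bssid in authorized:
            if authorized[bssid] != ssid:
                verdict = "ssid-mismatch"       # known radio on the wrong SSID, or a spoofed BSSID
            elif corp_ssids.get(ssid) != ap["security"]:
                verdict = "security-downgrade"  # authorized AP weaker than the policy requires
            else:
                verdict = "authorized"
        elif ssid in corp_ssids:
            verdict = "evil-twin"               # unknown radio advertising the corporate SSID
        elif _norm(ssid) in lookalikes:
            verdict = "lookalike-ssid"          # near-match name aimed at inattentive users
        else:
            verdict = "unknown-ap"              # neighbour or employee-installed; correlate before acting
        results.append({"bssid": bssid, "ssid": ssid, "channel": ap["channel"], "verdict": verdict})
    return results


def needs_action(results: List[Dict]) -> List[str]:
    """BSSIDs an assessor escalates for removal or reconfiguration."""
    return sorted(r["bssid"] for r in results if r["verdict"] not in ("authorized", "unknown-ap"))


if __name__ == "__main__":
    for r in classify(SCAN, AUTHORIZED, CORP_SSIDS):
        print(f"{r['bssid']}  ch{r['channel']:<3} {r['ssid']:<12} {r['verdict']}")
```

The evil twin and the lookalike go straight onto the removal list; the authorized radio running WPA2-PSK instead of 802.1X is a configuration finding for the controller, and the unknown NETGEAR is held back until a location fix or a wired-side MAC lookup shows whether it is actually plugged into the corporate network.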

Breach Threat Assessment

What is a breach threat assessment?

A breach threat assessment examines the current state of security within your organization and evaluates your ability to respond to threats or incidents.

Why should I get a breach threat assessment from BTB Security?

We help you develop a programmatic and methodical approach to defense and incident response that adapts to evolving threats and technology over time. Our work includes:

  • Security maturity model end-state design, evaluation criteria, gap analysis, and tactical road map development.
  • Review of incident response policy, plans, procedures, technology, and people to enable an organization to actively detect, mitigate, and eradicate threats while minimizing the impact on system availability and end users.
  • Review of threat management, monitoring, and intelligence capabilities that enable a proactive approach to detect security threats.

Incident Response Readiness Assessment

What is an incident response readiness assessment?

This type of assessment evaluates an organization's ability to respond appropriately to security incidents, from full-blown data breach investigations to low-level virus or malware outbreaks.

Why should I choose BTB Security for my incident response readiness assessment?

We help you build and prepare your own incident response function through training, documentation development and review, simulated exercises, and third-party assessment services. We help you arm your organization and staff with techniques and procedures to better defend your company and respond to security incidents. We assist you with:

  • Incident response plan review
  • Gap analysis
  • New plan development / enhancement
  • Identification of key technologies and personnel
  • Enhancing tool reporting / alerting to support incident response capabilities
  • Defining key players for an Incident Response Team (IRT)
  • Conducting tabletop exercises to verify plan effectiveness