Threat & Vulnerability Baseline Testing
This service uses targeted manual and automated testing procedures to detect possible vulnerabilities on your network or individual hosts. Our Vulnerability Assessment Team extracts and reviews your scan results to test for baseline configurations, known and documented vulnerabilities, and new or obscure and emerging threats to business and technology that may exist on your networks or individual host, web servers & other e-commerce application.
The goal of penetration testing is to determine if the protective controls of a given host(s) and network can be bypassed. Penetration Testing provides evidence (sometimes to an unbelieving audience) that vulnerabilities indeed are exploitable. It brings a dose of reality and intense focus to the vulnerability assessment. Penetration testing is characterized as either external or internal to the network.
Managed Vulnerability Protection Service
This is the most comprehensive assessment service Fitzpatrick Executive Security offers. We leverage our security expertise to provide you with continuous, cost-effective, managed vulnerability protection. We work with you to develop a recurring vulnerability assessment program for different portions of your environment and provide you with reports detailing our findings and analysis on an ongoing basis.
With increasing dependence on distributed networks, outsourcing of services and reliance on the Internet, a company becomes more vulnerable to security breaches. Once the existence or potential existence of a security breach has been detected, reaction time is critical.
Computer Forensics includes the acquisition, analysis, and preservation of electronic data in a format which ensures its admissibility as evidence in court. The proper handling of this computer-stored information can be vital to the successful resolution of a variety of criminal and civil matters.
Information Security Policy & Procedures
The objective of any process control review is to assess selected administrative security controls and processes. The aim is to ensure the environment supports information availability, integrity, and confidentiality across the IT networks.
Payment Card Industry (PCI) reviews
The payment Card Industry compliance review is designed to provide guidance for organizations handling credit card data. The PCI review focuses on protecting the client against the threat of security breaches impacting on their customer’s credit card information.
PCI Merchants and Service Providers are required to store and handle customers credit card account data securely in accordance with the PCI-DSS. The review covers a gap analysis of all areas covered by the PCI standard. Once the review is complete a road map for improvement of weak areas highlighted in the review is created for rectification.
Protecting customer credit card information from a breach is tantamount for both brand equity and may need to be demonstrated to the respective acquiring bank to avoid potential fines in the event of a breach.
Disaster Recovery and Business Continuity Planning
Disaster Recovery (DR) and Business Continuity Planning (BCP) service reviews and plans for the ability of an organization to successfully regain access to critical, infrastructure, data, systems and software during a serious outage or disaster. The review focuses on a "return to normal business" in both a reasonable timeframe and at a reasonable cost. The DR review includes plans for managing unexpected or sudden loss of key members of the organization, system or locations such as data centers.
Fitzpatrick Executive Security take great pride in offering training of law enforcement, computer forensic and security practitioners in investigation procedure, evidence handling policy, technical expertise, procedures and general awareness.
Desktop War Games
One of the best ways to ensure that your incident response or DRP procedures are adequate and well understood within your organization is to undertake a “Desktop” exercise to test all the procedures and how the divisions in your organization implement them under the pressure and time constraints of a security breach or other incident. We have successfully delivered several war game scenarios including network virus attack, disaster recovery scenarios, hacker compromises and HR and related incidents.