Did you know…

PCI DSS § 11.2 requires internal and external vulnerability scans at least quarterly and after any significant changes. The external scans must be done by a PCI Approved Scanning Vendor (ASV).

TECH LOCK is a PCI ASV - click here to schedule your quarterly vulnerability scan!

NIST SP800-53 § RA-5 requires scans to be conducted on a regular basis, and when new potential vulnerabilities are identified.

ISO 27002 § 12.6.1 requires that vulnerabilities be identified on a timely basis, and § 15.2.2 requires technical compliance checking.

Vulnerability Assessment

Performed from either an internal or external perspective, vulnerability assessments help identify potential vulnerabilities that hackers and malware can exploit.

TECH LOCK provides several vulnerability assessment services:

  Internal vulnerability assessment
  Internal vulnerability assessments are run from within the network, where there are fewer firewalls and intrusion detection/prevention systems. Internal vulnerability scans that are run with elevated privileges are commonly used to verify patch management processes and also as a tool in a risk management program.
  External
  External vulnerability assessments give you an idea of what the typical hacker or malware agent sees - your firewall, web servers, mail server, and other Internet-facing systems. TECH LOCK’s external vulnerability assessment will help to identify any vulnerabilities you may have on these systems.
  Web Application
 

Web applications have quickly become the number one target for hackers. Web applications and their database back-end systems have many potential vulnerabilities that attackers can use to obtain their goal, including SQL injection, cross-site scripting (XSS), and cross-site request forgery (XSRF).

Based on the Open Web Application Security Project (OWASP), TECH LOCK’s web application vulnerability assessment service will help to identify all of your web application vulnerabilities.

The TECH LOCK Difference - All TECH LOCK consultants have direct technical hands-on administration and engineering experience with systems and applications, and are always trained on new technologies and systems. This provides us with a unique advantage over our competitors; our consultants are better able to interpret and measure control objectives across your enterprise.

if you would like to be contacted about our services.

© 2009-2014 TECH LOCK, Inc. - 1000 John R Rd, Suite 201 - Troy, MI 48083
Phone: +1 847 245 3727 | Fax: +1 866 941 8719
E-Mail: info@techlockinc.com