Cyber Security Audit & Roadmap

Organizations planning for a security assessment have to juggle many competing priorities. They are struggling to become compliant, and stay compliant, with a number of security standards or regulatory targets. Budgetary pressures are ever-present, but organizations need to ensure that assessments are performed by a solid, reputable firm with expert assessors. As a premier assessment practice, ABMCG Cyber Security Advisory Services has helped an extensive portfolio of clients address exactly these challenges.

We deliver successful penetration testing.

Save time and money by selecting a penetration testing provider you can trust.

By simulating a real-world attack, ABMCG's security engineers actively attempt to exploit vulnerabilities and gain access to system resources without damaging or disrupting any of your organization's production services. Our security experts will design a complete plan to help you proactively manage risk and become compliant with industry and governmental regulations.

A penetration test can be used to gauge your organization's security policy compliance, your employees' security awareness, and your organization's ability to identify and respond to security incidents.

Web Applications

Attacks against Internet-facing applications.

A web application penetration test is aimed at discovering weaknesses in your web applications, including web servers, application code, and database servers. The assessment identifies the gaps in technological defenses that could make your networks and systems more vulnerable to motivated attackers. We reveal holes and weaknesses in production websites before attackers find them. We focus on the application logic built into the website and assess for server-side attacks, such as SQL injection and blind SQL injection, and client-side attacks, such as cross-site scripting. We also assess the design of the web infrastructure, including the use of cookies and login forms, data encryption, content display, and the error messages displayed for invalid pages.

External Networks

Attacks against Internet-facing infrastructure.

An external network penetration test provides a review of IT infrastructure conducted from the perspective of a malicious hacker. We test any network that is attached to the Internet, as well as networks that can be penetrated through weak Internet-facing security controls. Focus areas include DNS servers, FTP servers, IDS/IPS, Internet routers, HTTP/HTTPS servers, VPN servers, firewalls, intranet/extranet servers, and mail servers. An external penetration test also assesses the security configurations of the access routers, firewalls, intrusion detection systems, and content scanners that protect the perimeter of the network.

Internal Networks

Attacks against infrastructure and applications inside the company.

An internal network penetration test provides an analysis of security conducted from the perspective of an internal user, a temporary worker, or an individual who has physical access to the organization. We conduct the penetration test from within the organization over the local area network and attempt to gain access to privileged company information, sensitive application databases, HR information, or ERP resources. We aim to assess whether a user can escalate network privileges and gain access to the usernames and passwords of other business users, and whether data can be removed from the environment without triggering alarms or leaving an audit trail.

Wireless Networks

Attacks aimed at unauthorized access points and data interception. A wireless network penetration test identifies areas of weakness and rogue devices, analyzes security configurations, tests for vulnerabilities, and implements security policies that minimize the risk of security breaches. We assess the configuration of your wireless infrastructure as well as the endpoints that connect to it, the authentication and encryption controls, and the underlying logic used to connect to the wireless infrastructure.

Host Security Configurations

Operating system and app-level administration and security controls.

A host security configuration assessment evaluates the security of critical servers. We analyze administrative and technical controls and application-level security issues, and propose specific recommendations for countermeasures. We test the security controls for all features and functions of major operating systems and devices, including Microsoft Windows, UNIX (including Solaris™, Linux™, Tru-64, and AIX), and Novell®, as well as specific applications such as IIS, SQL Server, and Apache.

Mobile Devices

Attacks against and from mobile infrastructure and devices.

A mobile device penetration test evaluates the mobile infrastructure and security practices. The assessment covers the architectural design, the security of the mobile devices and the back-end servers, and whether the mobile device could allow a compromise of confidential data or a denial of service (DoS) from an end user's perspective. We will evaluate the gap between your current mobile security policy and the best practices recommended by the ISO17799 security standard.

PBX & VOIP Systems

Attacks aimed at disruption of phone service.

A phone service penetration test is designed to identify and exploit potential security vulnerabilities associated with premises-based VoIP and hosted IP PBX systems from any hardware or software vendor. This penetration test evaluates the security of the phone system from a user's perspective and determines whether the VoIP service could allow service fraud, denial of service, or other attacks, including VoIP PBX misconfigurations, VoIP traffic sniffing, and rogue VoIP traffic injection. We will attempt to exploit vulnerabilities related to loss of service, fraud, privacy, denial of service, viruses, and SPIT (spam over Internet telephony), as well as new vulnerabilities related to the integration and interoperability of VoIP software and hardware.

Social Engineering

Attacks implemented through human interaction and manipulation.

Identify existing and emerging security risks that pose the greatest threat to your core business goals.

Also known as vulnerability testing, a security vulnerability assessment is a critical component in an overall security strategy. We use vulnerability scanning software to identify, quantify, and prioritize vulnerabilities in your applications and IT infrastructure. Our security experts will design a complete plan to help you proactively manage risk and deliver a report that will satisfy the requirements of regulators, auditors, and executive management.

ABMCG's software-as-a-service, VRM, helps businesses holistically manage IT security vulnerabilities, on premises and in the cloud, in a unified, proactive, and flexible way. VRM aggregates the results of vulnerability scanners, proactively prioritizes vulnerabilities based on business risk, and expedites remediation by streamlining the ticketing process and reports.

Social Engineering Security Tests

Used by hackers for many years, the term "social engineering" describes the use of persuasion and deception to gain access to restricted information systems. These illicit techniques are typically implemented through conversations or other human interactions. The medium of choice is usually the telephone, but social engineering can also take place via email messages, television commercials, or countless other mediums. A social engineering security test begins with target identification and information gathering, followed by exploitation attempts. We systematically apply these principles in a customized approach based on the objectives of your particular situation that are tailored to your organization’s policies and processes. For example, if you have incident response procedures in place to report suspicious phone calls, we can further test these procedures by making obvious attempts at gaining confidential information without proper authorization. The social engineering security test can be carried out either remotely or onsite by testing physical security at sensitive locations.

Source Code Security Review

Research has shown that fixing security problems early in the development cycle is more efficient and more cost-effective than the traditional penetrate-and-patch model. Our application security consultants use rigorous and efficient source code inspection to identify detrimental software security problems at the onset of the development cycle. Our code review service enables the detection of all existing vulnerabilities in applications, including web applications, network services, and client/server applications. Our experts use commercial and open source tools to automate the review process. In addition, we manually validate every issue and inspect the code to overcome the limitations of automated tools and techniques where they are ineffective. We have expertise in C, C++, C#, Java™, CFML, and PHP, working within development frameworks such as J2EE and the .NET Framework and developing on Win32 and UNIX platforms.

Host Security Configuration Assessment

We analyze administrative and technical controls, potential vulnerabilities, and propose specific recommendations for countermeasures. We’ve developed state-of-the-art tools to automate the collection of data, using these scripts to identify high-risk misconfigurations or omissions in your servers.

We test the overall risk of the host rather than just a list of specific vendor-recommended points. As a result, we identify the controls in need of improvement to reduce risk to the host. We perform Host Security Configuration Assessments to test the security controls for all features and functions of major operating systems and devices, including Microsoft Windows 2000/XP, UNIX (including Solaris™, Linux™, Tru-64, and AIX), and Novell®; specific applications such as IIS, SQL Server, and Apache; and router and switch hosts.

Compliance Reviews

We help you understand and adhere to the relevant information security compliance requirements by performing a Compliance Review. We offer customized compliance reviews and gap analysis for industry regulations.

  • HIPAA Compliance Review
  • ISO17799 Compliance Review
  • GLBA Compliance Review
  • ITIL Compliance Review
  • SOX Compliance Review
  • FISMA Compliance Review
  • PCI Compliance Check

Emergency Incident Response

Imagine if an external attacker was able to penetrate your network’s perimeter defense and was able to make his way into your internal network. Or, what if an internal employee or consultant gained access to your most sensitive business information? These scenarios are becoming more and more common and the results can be devastating.

Our Emergency Response and Digital Forensic Services reveal essential facts and provide comprehensive insights and analysis related to the breach, its detection, and its prevention. We gather the facts objectively and contain potential damage quickly and efficiently. We are able to reconstruct foolproof forensic evidence and secure production systems to prevent future security breaches. Finally, we gather and disseminate the lessons learned from the digital forensic incident. Whether the security breach involves a denial of service attack, an external penetration, an internal security breach, or a worm, botnet, or virus infection, we have developed extensive tools and expertise to handle high-stress situations with competence.

Additional Information

If you would like additional information on Services/Industries Solutions or other ABMCG solutions or services, please contact us.