As more organizations leverage
the Internet for business and commercial transactions, attackers are focusing
on applications to penetrate corporate security controls. Historically, developers
have focused on functionality over security, which has presented an entirely new
venue for attackers to launch exploits and compromise systems and information.
Service
Description
Digivera's DVAssure can provide vulnerability assessment services for your company.
Vulnerability assessments can be tailored to review the physical and logical security
of your company's infrastructure. Digivera's Security Advisors and Certified Auditors
will conduct a comprehensive and detailed analysis of risk to your company and
provide graduated mitigation strategies for your corporation. Our methodology
utilizes the ISO 27001/2 and 17799 standards to ensure rigor in the evaluation
process. Our specialists have experience in using the Payment Card Industry (PCI)
standard for auditing and securing your corporation's credit card information.
Our personnel can also conduct application security reviews to determine if the
software meets your corporation's requirements in securing your data.
The
Digivera Advantages
Digivera's
DVAssure services are performed only by experienced and credentialed professionals,
most of whom are CISSPs, CISAs and credential PCI auditors. We participate in
industry associations such as PCI Security Standards Council (PCI SSC). All this
is put to work for you; we go beyond the basic application assessment to:
 | Demonstrate
due diligence for regulatory compliance (as applicable); |
| Assure
applications are sufficiently hardened; |
| Deliver
actionable findings and strategic recommendations; |
| Provide
knowledge transfer to your internal security resources; |
| Utilize
dedicated senior project team with global recognition in the security industry. |
Service
Benefits
Some
organizations believe applications have security built in or are "good to go"
out of the box. This is not usually the case. In fact, it is rarely true. Digivera's
trusted advisor services help put the security back into your applications:
|
Digivera does not use or
rely on open source tools and scanners for application assessments scanning because
of their relative immaturity. All our testing is performed via our automated On-Demand
and Managed Service which provides 100% testing coverage, accuracy and backed
by experienced security professionals. |
|
Digivera performs comprehensive
threat analysis to identify key assets needing protection and defines security
threats to those assets. |
| Digivera
will provide you with a detailed report on PCI security vulnerabilities along
with architectural and operational weaknesses identified based on our proprietary
checklist that goes beyond requirements identified in the PCI Security Standards
Council (PCI SSC) or checklist. Our findings report also provides detailed explanations
of countermeasures necessary to secure applications, data assets, and resources,
and outlines policy recommendations to ensure long-term compliance with industry
best practices. |
At
Digivera, we make security manageable.
