CYBER SECURITY & VULNERABILITY ASSESSMENTS
CHRIS MATHERS INC. is committed to improving the security posture of our clients by providing prevention, awareness and response solutions. In concert with our strategic partners, we deliver these solutions to organizations that understand the need to incorporate IT security into strategic business goals and objectives.
Ensuring the security of your network is an important management responsibility. This responsibility is a daunting task with today’s environment of increasing risk. Maintaining this secure environment is essential to the professional and public reputation of all corporations.
Corporations need assurance that their host environments are secure and that any possible vulnerabilities are identified and addressed. Along with our strategic partners, we pride ourselves on our security assessment and penetration testing methodologies and custom developed tools. Through the application of our custom tools, our Forensic IT professionals have discovered at least one major and undocumented vulnerability not previously discovered using industry standard commercial tools. The use of custom tools reduces unknown and/or undesired effects on the target environment. This added value, combined with our risk profiling methodology, increases the effectiveness of our services and clearly differentiates us from our competitors.
WHAT IS A SECURITY & VULNERABILITY ASSESSMENT?
A Security & Vulnerability Assessment is a review of a network which will identify weaknesses which could be used to disrupt or compromise the availability, confidentiality and/or integrity of data.
We assess the network architecture layout and implementation and then provide recommendations which will reduce available opportunities for compromise by amateur, criminal or state-sponsored attackers.
WHAT IS PENETRATION TESTING?
Penetration testing is the evaluation of the inherent security features of an IT environment to assess its vulnerability to unauthorized access.
Technicians make use of commercial and custom tools, including specialized software and hardware and “social engineering” techniques, to simulate an attack on the Active Directory environment by unauthorized persons.
WHAT IS SOCIAL ENGINEERING?
Social Engineering is the gathering of confidential information from unsuspecting employees through lies, misrepresentation, pretext or guise. In the context of a Penetration Test, this information, such as passwords and user ID’s, is then used to replicate the conditions of an unauthorized attack.
WHY WOULD MY COMPANY REQUIRE REGULAR A SECURITY & VULNERABILITY ASSESSMENT OR PENETRATION TESTING?
Your intellectual property, proprietary information and client records are of significant value to criminals and your competitors, not to mention various activists, protesters and reporters. Unauthorized access to your network could mean that some or all of your confidential information might be stolen, altered or destroyed. In addition, intruders could perpetrate other types of significant damage that could cause economic loss and embarrassment for your company, such as, the “hijacking” of corporate websites or significant disruption of internal email systems.
COMPUTER FORENSICS
What are Computer Forensics?
Computer Forensics is the gathering of evidence of inappropriate or criminal activity from a device that stores information electronically. What kind of devices can have evidence stored on them?
Any device that has a memory capacity, such as:
Computer hard drives
Credit and Debit cards
Digital cameras
DVD’s
External drives
Flash disks
Memory chips and cards
Mobile phones
Modems
Printers
Telephones and Handheld devices
USB devices
WHY CAN’T MY IT PERSON GATHER THE EVIDENCE?
Typically, IT personnel lack the specialised training required to gather, preserve and analyze evidence in a manner that is acceptable to a court. For example, simply by turning on a suspect computer, many files are altered and evidence can be corrupted.
WHAT WILL A COMPUTER FORENSIC SPECIALIST DO TO GATHER THE EVIDENCE?
A Computer Forensic Specialist will use specialized tools, software and hardware to detect and record information that would be undetectable to an untrained person. Typically, they will “image “a suspect device in order to preserve evidence. Imaging could be compared to taking a photograph, since a second identical piece of memory, is created.
The Computer Forensic Specialist can then manipulate the imaged copy in a variety of ways in order to extract evidence. Because of this, the original device is never altered and remains in the same state that it was when it was seized.
CAN DELETED INFORMATION BE RECOVERED?
In certain circumstances, deleted files can be recovered using specialized tools and techniques. Even if a commercially available “wiping tool” has been used, evidence can sometimes still be obtained.
Even in circumstances where data has not been damaged by intentional acts but as a result of errors or technical failures, our technicians may be able to recover it.