Network Security Assessment
A CoNetrix Network Security Assessment will help you identify network vulnerabilities so you know where to focus your attention.
Who needs this service?
A Network Security Assessment is best for any company or financial institution that stores sensitive information, has
recently made infrastructure changes, or is preparing for an examination.
Scope of work
A CoNetrix Network Security Assessment includes an onsite auditor and covers the following key areas:
- Access and Data Management
- Cyber Event Detection – Monitoring, Alerting and Review
- Cyber Threat – Vulnerability Detection
- Device and Endpoint Security
- Operating System and Application Life-Cycle Management
- IT Infrastructure Management
- IT Patch Management
- Vendor Management - External Information Flow/Connectivity
- Branch Visits - Optional
- Virtual Server Infrastructure Review – Optional
- Core Operating System Review – Optional
- Application Audit – Optional
- Office 365 Assessment – Optional
- Secure Coding Audit – Optional
Why CoNetrix Security?
Knowledge and Expertise:
- CoNetrix Security has conducted more than 1,000 different IT related audit engagements since 2001.
- The CoNetrix Security staff has more than 500 years of accumulated information technology, network, and security experience.
- The CoNetrix security staff hold numerous security certifications, such as CISSP, SSCP, CISM, CISA, and other Microsoft and Cisco security specializations.
- The CoNetrix Family of Companies includes numerous resources for CoNetrix Security to consult, including software developers, web developers, and IT engineers.
The CoNetrix Security Difference:
- CoNetrix Security provides easy-to-read reports with findings sorted by associated risk and estimated cost.
Reports include regulatory reference, remediation recommendations, and a detailed review with an information and cyber security expert.
Access to the Tandem Audit Lite software, a finding and response manager, is included. Audit Lite is a version of the Tandem Audit software limited to tracking CoNetrix Security engagements.
A comprehensive work program is built upon:
- FFIEC Cybersecurity Assessment Tool (CAT)
- CoNetrix Security audit, testing, and consulting experience
- FFIEC Information Technology Examination Booklets
- Gramm-Leach-Bliley Act Standards for Safeguarding Customer Information
- Information Systems Audit and Control Association (ISACA) audit guidelines
- Information Technology Risk Examination (InTREx) Program
- National Institute of Standards and Technology (NIST) Special Publications
- The Center for Internet Security (CIS) Top Controls
CoNetrix Security audit services are offered as three engagement levels to fit the needs of your institution. Add optional coverage to check additional controls, as needed.
Ready for the next step?