Assessment Offerings

Security Audit. Risk Assessment. Penetration Test. Vulnerability Assessment. Ethical Hack. The marketplace is crowded with companies offering IT security assessment services under various names. But while they all claim to do roughly the same thing, not all security assessments are created equal. The following common components highlight some of the areas that make Accuvant's assessment offerings unique:

• Defined Criteria - Assessments are not necessarily conducted based strictly on best-practices or vulnerabilities alone. Accuvant regularly uses client security policies and relevant regulations to identify the criteria for the assessment, allowing our deliverables to reach a broader audience within the organization and offer a view of the organization's conformance to relevant standards and controls.
  
  
• Comprehensive Toolkit - Accuvant believes the most important success factor in an assessment is the overall methodology and skill of the practitioner, not the contents of their tool chest. But access and understanding of the proper tools is certainly an important part of being a skilled assessor. From commercial tools to open source tools and utilities, Accuvant ensures that our comprehensive methodology is complemented by an extensive toolkit.
  
  
• Vulnerability Confirmation & Controlled Exploitation - Wherever possible, issues are manually confirmed to eliminate false positives and provide tangible proof of security risks. If appropriate, vulnerabilities are exploited to provide proof-of-concept and aid in penetration testing activities.
  
  
• Remediation Planning - An assessment's ultimate goal is not to find problems but to solve problems, therefore all recommendations are vetted for feasibility and documented in manageable plans to aid in meeting the organizations security goals.
  
  
• Thorough Documentation - The greatest assessment methodology in the world means little without appropriate documentation to back it up. Accuvant's assessment deliverables are the best in the industry, providing comprehensive results with easily understood findings without sacrificing detail.
  

Accuvant has developed a phased assessment approach that is extremely effective for testing and improving the security of enterprise IT assets derived from years of experience and following key guidelines developed by groups such as the NSA, OISSG, OWASP, WASC and MSDN. But our strength does not rest solely on superior methodology. Security consulting is no different than any other professional service--quality is ultimately determined by the skill of the practitioner. The best way to learn about the skills of our assessment team and the quality of their work is to talk to our clients. Accuvant has performed assessments for clients in all industries, from manufacturing to health care, banking to government. Their satisfaction is our only measuring stick, and we encourage prospective clients to hear from our current customers why they are happy they chose Accuvant.

If you would like more information about Accuvant's specific assessment offerings, please email info@accuvant.com or contact our sales department at 1-800-574-0896.