| |
|
More than just a supplier, we
aim to become your dependable partner for comprehensive penetration
testing, regulatory compliance solutions and independent security
consulting services.
Whenever you choose to engage with us, in addition to being
allocated a dedicated Account Manager, you will also be allocated a
Technical Account Manager. This Account Team will work closely with
you to accurately and fully scope your business requirements. This
helps us to ensure that your project is closely managed and that
your deliverable is of the highest quality and standard.
This two-pronged approach to client relationship management ensures
that you receive full accountability when engaging with us,
something we feel helps to guarantee an unparalleled level of
service and sets us aside from our competitors.
Infrastructure Penetration
Testing
An infrastructure penetration test by Armana Systems will provide
you with a full and complete picture of the security vulnerabilities
on your internet-facing hosts along with detailed information on how
to remediate any issues identified.
Infrastructure testing often encompasses a scope of work including
assessment of :
|
▪ |
Web servers |
|
▪ |
Email servers |
|
▪ |
Firewalls |
|
▪ |
Routers |
Web Application Testing
A web application test by Armana Systems will provide a complete
picture of the security vulnerabilities on your web apps, along with
detailed information on how to remediate any issues identified.
Vulnerabilities tested for during a web application test include the
OWASP Top 10:
| ▪ |
Session management/information leakage |
| ▪ |
Input manipulation (SQL injection/Cross-site scripting) |
| ▪ |
Authentication (testing with and without user or admin
credentials) |
| ▪ |
Buffer overflows and improper error handling |
Remote Access Testing
Deployment of VPN’s and other remote access solutions exposes
organisations to complex security risks. Armana Systems remote
access testing services provide assessment of VPN platforms (with
and without credentials), remote email access systems and
thin-client environments.
Social Engineering
At the instruction of the client and posing as utilities workers,
company employees or security officers, our consultants will attempt
to infiltrate the client’s offices or restricted server environments
in order to assess the security posture around the client’s data
assets. The report from each engagement details how difficult it is
to exploit flaws in physical security and employee security
awareness training, and then explains how the IT security policy and
technical network security measures protect sensitive company data.
Payment Card Industry Data
Security Standard – PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) is a
program created by the Payment Card Industry Security Standards
Council (PCI SSC). The program is designed to help merchants that
process card payments prevent fraud by audits and security testing
of web applications and IT infrastructure. The standard applies to
all organisations which hold, process, or pass cardholder
information from Visa, MasterCard, American Express etc.
Achieving PCI compliance is a process that is dependent on the
volume of card transactions the merchant processes each year, with
larger merchants requiring greater scrutiny of their card-holder
infrastructure.
Enforcement of PCI compliance is performed by the bodies holding
relationships with the merchants. For companies processing Visa or
MasterCard transactions, compliance is enforced by the merchant’s
card acquirer, while firms processing American Express transactions
will work directly with AMEX to ensure compliance.
Armana Systems offers penetration testing and PCI ASV scanning
services, consultancy, and a PCI workshop program to enable
merchants to prepare for achieving or maintaining PCI compliance.
Our consultants have extensive experience working with all sizes of
companies ranging from smaller web-only merchants to FTSE 100 and
Fortune 500 companies.
|
|
|
Contact Details
Armana Systems LLP
Talbot House
High Street
Crowthorne
Berkshire
RG45 7AQ
|
|
