Security vulnerabilities exist on two planes: physical and data. The physical plane includes everything that surrounds your data on a daily basis. Access to your server room, guests wandering through your building, disgruntled employees, irresponsible employees, "sleepers" who are hired into your organization and called to attack sometime in the future, and a myriad of other things are all valid examples of "real" vulnerabilities that exist on the physical plane. Unfortunately, most companies fail to realize that intruders will probe and attack your organization on either one or both of these planes, depending on where they believe the greatest opportunities may exist.
The data plane includes all software systems (i.e., applications or operating systems), which may contain security-related flaws. These flaws allow intruders to violate your security policies and ultimately lead to loss of confidentiality, integrity, availability of information resources, or catastrophic failures. Vulnerabilities that affect widely deployed software packages are continually brought forward in public forums, making this information readily available not only to IT professionals, but also to hackers. While most security professionals focus their efforts on "plugging" the security holes that exist on the data plane, they tragically ignore the vulnerabilities that occur on the physical plane.
Fortunately, sNET is cognizant of the vulnerabilities that exist on both the physical and data planes. Our Tiger Team utilizes a holistic approach to risk analysis in order to determine which areas of your organization are vulnerable to attack and prioritize these areas based on consequential severity. Our team uses a highly effective combination of automated tools, security expertise, psychological operations, and implementation of our patent-pending sNET deception technology. This allows us to identify your security vulnerabilities, while also covering those vulnerabilities that may not be detected using "standard" industry practices.
|
