Make PDF z tej stronie - Sense of telecommunications
Transkrypt
Make PDF z tej stronie - Sense of telecommunications
NASK - Sense of telecommunications Źródło: http://eng.nask.pl/en/offer/telecommunication-offer/security/274,Security-audits.html Wygenerowano: Wednesday, 8 March 2017, 00:09 Security audits NASK offers a wide range of IT system security audits Service description: The methods, strategy and scope of telecommunication and data system security audits can be different. They depend on the application and function of the tested structures and customers' preferences as well as other factors, like the level of penetration while testing specific systems. Wykorzystywane do konkretnych badań scenariusze prac reprezentują autorskie podejście do audytów systemów teleinformatycznych. Podstawę ich wypracowania stanowiły własne doświadczenia oraz metody oparte między innymi o takie źródła jak NIST (National Institute For Standards And Technology), CERT (Computer Emergency Response Team), OSSTM (Open Source Security Testing Methodology), OWASP (Open Web Application Security Project) oraz polskie i międzynarodowe normy dotyczące bezpieczeństwa teleinformatycznego (PN-I-13335-1, ISO/IEC TR 13335-3, PN ISO/IEC 17799, ISO/IEC 27001). For the purposes of the methodology we use the definitions and nomenclature in accordance with PN-I-13335-1. Range of service: Oferowany przez NASK zakres badań audytowych reprezentuje całościowe podejście do badania odporności sieci, systemów teleinformatycznych oraz aplikacji webowych i opiera się na elementach autorskiej metodyki badań audytowych BIBEST (Bezpieczeństwo Informacji - Badanie Elementów Systemów Teleinformatycznych) opracowanej i stosowanej przez Naukową i Akademicką Sieć Komputerową. NASK offers a wide range of audit tests: ● ● Testing the security of systems and networks ❍ vulnerability assessment ❍ penetration tests ❍ audit of configuration security ❍ topology analysis of the entire system Testing the security of web application ● ● ● ❍ vulnerability assessment ❍ penetration tests ❍ security audit ❍ security audit of source code Testing the security of wireless networks ❍ penetration tests ❍ audit of configuration security Testing the security of mobile environment ❍ penetration tests ❍ audit of configuration security Testing procedural security ❍ ● Testing the security using social engineering ❍ ● Security audit - assessment of procedural compliance social engineering penetration tests Verification tests Service Benefits: The measurable benefits that NASK's IT security audit offers to the customer are: ● Practical verification of the effectiveness of implemented security measures ● Obtaining an objective and real picture of audited security elements ● Our experts have long experience and deep knowledge of IT security, not only in technical but also in organizational field, supported by certificates.