Threat and risk assessment
Information is a strategic resource, a raw material; it is an asset for those who possess it. The protection of this information against malicious attacks must therefore be a constant concern for businesses. They must proactively identify their risk profile and determine if their control measures and processes put in place are appropriate and effective.
The Threat and risks assessment service from BCI provides a structured analysis of existing or proposed information systems and their essential elements. Our experts conduct a focused and informed assessment to identify the most vulnerable assets in a system and determine how best to manage them.
The results of this analysis provide baseline data to allow our experts to deliver in a clear and comprehensive report, the recommendations needed to deploy patches designed to mitigate the identified threats.
Standards-based compliance gap analysis
Your organization’s overall security posture can be measured against recognized industry requirements and standards such as the Privacy Act, SCADA, NI, ICS, ICP, SOX, NERC CIP, PCI DSS, ISO, COBIT, ITIL, etc. The difference between the requirements and the performance of an organization creates a “gap”.
The BCI Standards-based gap analysis service was designed to help your company achieve compliance with regulatory requirements, guidelines and standards based on best industry practices in IT security.
Based on this analysis’ results, a detailed report is given to you, summarizing the current level of compliance risks for your business and existing deficiencies. Our experts also recommend the appropriate corrective actions and guide you towards best practice adoption.
Vulnerability and penetration testing
The Vulnerability and penetration testing service from BCI is based on a personalized approach allowing the scanning of your IT infrastructure to identify weaknesses that could be exploited to compromise information or applications.
Depending on your needs, BCI tests the strength of your organization’s network, systems and/or applications using leading tools and methodologies.
Our security professionals attempt to break through your IT security measures, document the results in a detailed report showing test results, problem area, and recommendations for improvement.
Vulnerability and penetration testing can be performed in one or more areas:
- Network (internal and/or external)
- Web application
- Firewall
- Wireless
- VoIP infrastructure
- Database
- Telephony
As a result, your systems are thoroughly tested before they enter a production environment and vulnerabilities are fixed before possible exploitation.
NERC News
SANS Internet Storm Center
- ISC Stormcast For Friday, May 3rd, 2024 https://isc.sans.edu/podcastdetail/8966, (Fri, May 3rd)
- Scans Probing for LB-Link and Vinga WR-AC1200 routers CVE-2023-24796, (Thu, May 2nd)
- ISC Stormcast For Thursday, May 2nd, 2024 https://isc.sans.edu/podcastdetail/8964, (Thu, May 2nd)
- ISC Stormcast For Wednesday, May 1st, 2024 https://isc.sans.edu/podcastdetail/8962, (Wed, May 1st)
- Linux Trojan - Xorddos with Filename eyshcjdmzg, (Mon, Apr 29th)