NETWORK SECURITY

BASELINE EVALUATION

 
find out exactly where you stand against your threats... BEFORE a compromise.

A Network Security Baseline Evaluation is an evaluation of your current network defense posture to examine your unique preventative policies, procedures and security controls as well as determine and prioritize the areas that would be most impacted by a data breach or cyber event. The service was designed to be a low impact, easy process of assessing one’s cyber stature and capabilities. It further helps to develop and cultivate a security strategy for your network to understand where your network defense stacks up against industry compliance measures. Once completed, the resulting report will outline the level of strength of your network security posture and outline the areas that would be most impacted from a cyber event. Additionally, the final process will include scheduled review with a Shadowscape intelligence analyst to personally discuss the results of your report and potential next steps.

NSBE overview

Service Engagement

  • The onboarding process begins with a sequence of questionnaires to establish the client’s current operating environment.

  • Web onboarding/business context questionnaire – Triaging the most pertinent threat-based defense measures defined by your current organization’s industry vertical.

  • Risk, Policy and Governance Assessment – Understanding the current maturity level of your cybersecurity program through the scope of industry standard security frameworks.

  • Asset Identification and Impact Assessment – Identification of your most crucial assets and conduct a cost-driven impact assessment of a cyber event and chart/prioritize them in a readable way

  • Security Framework Strategy Review – Collect the results of the prior assessment data and compile into a comprehensible gap analyzed breakdown of your current preventative strengths and weaknesses.

  • Threat Intelligence Analyst Consultation – Final overview of your assessment and available options of what you can do to further improve your security posture.

Deliverables

  • External scan of your network perimeter

  • Externally facing perimeter of security devices

  • Prioritization of vulnerabilities with recommendations for action.

  • Security Analyst review of results

  • Internal scan of network for discovery, configuration and vulnerabilites.

  • Internal audit of technical security controls such as firewall configuration, network topology, wireless configurations

  • Credentialed scan for missing patches and client-side software vulnerabilities.

  • Review of governing security policies, procedures and enforcement to include disaster recovery/continuity and compliance (PCI, HIPAA, NIST 800-171, etc.).

  • Review of physical access controls, data center security, environmental disaster protection, sensitive data handling policies and enforcement (prohibited access, document disposal, surveillance systesm, screen locking/password policies, clear screen policies)

  • Review of security tools, capablities and configurations.

  • Current NIST CSF stature.

  • Interactive final report with data-driven analytics of current defense posture, delivered via Custom Client portal

  • Threat Intelligence Analyst Consultation

 

Process

1: COLLECT

We collect information about all assets, policies, configurations

4: PROCESS

Collected and scan results are processed for relevant and actionable information.

2: IDENTIFY

We identify the areas where scanning and assessment will be launched from.

5: ANALYZE

Processed results are analyzed for context, relevancy and accuracy.

3: SCAN

Vulnerability scans of internal and external infrastructure.

6: REPORT

Prioritized reports are generated and disseminated with recommendations for action.

Take your NSBE to the next level by reconciling your risks and threats with a Threat Preparation Assessment!