...a systematic approach to identifying IT security risks
For maximum effectiveness, Fulcrum IT conducts two approaches to risk discovery, then proceeds to risk analysis.
"Black Box" Testing
In black box testing, vulnerabilities and flaws are discovered prior to understanding the underlying system. In other words, our analysts assess our system like an outsider trying to get in.
System analysis involves finding vulnerabilities based on unknown network and system architecture.
Both approaches to risk discovery include the following procedures:
- Vulnerability scanning
- Network penetration testing
- Network discovery
- Network sniffing
- Network security audits
- System inventory
After the discovery phase, Fulcrum IT proceeds with a formal risk analysis, to include:
- Security posture assessment
- Risk/vulnerability/threat assessment
- Security policy and procedure analysis
- Business impact analysis
- Network security violation analysis
- Emergency response/disaster recovery