SECURITY

Pink Elephant’s Security Consulting service provides a strategic and tactical insight into an organisation’s actual state of security. It verifies whether the best practices and adequate safety measures are in place to mitigate and minimise the impact of known and unknown security risks. Our service delivery comprises of hands-on experience within the Information Security and Digital Forensic environments over a period of more than two decades.

The service delivery model is designed to help corporate entities meet their growing technology needs in the most cost-efficient way, and address Information Security holistically. One of the most critical challenges for management today is determining the risk appetite of the corporation determining the risk appetite requires a clear articulation of the company’s approach to risk-taking, including the nature of the risks.

PEN-TEST SERVICES

The problem of insecure software is perhaps the most important technical challenge of our time. Security is now the critical limiting factor on what we can create with information technology. It goes without saying that you can’t build a secure application without performing security testing on it. Many software development organisations do not include security testing as part of their standard software development process. Still, security testing, by itself, isn’t a particularly good measure of how secure an application is, because there is an infinite number of ways that an attacker might be able to make an application break, and it just isn’t possible to test them all.

However, pen-testing has the unique power to convince naysayers that there is a problem. So pen-testing has proven itself as a critical ingredient in any organisation that needs to trust the software it produces or uses. This service provides a strategic and tactical insight into the organisation’s actual state of security. It verifies whether the best practices and adequate safety measures are in place to mitigate and minimise the impact of known and unknown security risks. We help identify these threats by directly probing and performing Web Application Scanning, Discovery, Vulnerability Assessment and Exploitation, much like an actual attacker would do.

We can help identify:

  • External Network Assessment
  • Phishing Attack Simulation
  • Client Side Exploits
  • Leveraging Cross Site Scripting
  • Leveraging SQLi
  • Network Pivoting Scope
  • Zero-day Attacks
  • Physical Security Checks
  • Impersonation / Social Engineering
  • Targeted attack vectors, to assess the security of your critical data

TALK TO US ABOUT A TAILORED OFF SITE SERVICE DESK SOLUTION

SECURITY RISK MANAGEMENT

Information security is a complex issue and deals with the confidentiality, integrity and availability of data. IT governance is even more complex and in information security terms one has to think in terms of the whole enterprise, the entire organisation, which includes all the possible combinations of physical and cyber assets, all the possible combinations of intranets, extranets and internets and which might include an extended network of business partners, vendors, customers and others.

Information security is a key component of IT governance. As information technology and information itself become more and more the strategic enablers of organisational activity, so the effective management of both IT and information assets becomes a critical strategic concern for boards of directors.

Introduction Compliance to the ISO 27001:2013 standard and associated controls help an Organisation to understand information security risks and develop an information security management system (ISMS) to address the risks identified.

Pink Elephant services include:

  • ISO27001:2013 Readiness / Compliance program
  • ISO27001:2013 Pre-Audits
  • Threat Detection – Link to EclecticIQ tech page