Submit to DiggSubmit to FacebookSubmit to Google PlusSubmit to StumbleuponSubmit to TwitterSubmit to LinkedIn

CyberSec Methodology

 

  • Cybersec21 is leading the review of security assurance practices, approaches and tooling. Many tools and approaches have played their part in improving our security but new approaches are required in the increasingly pernicious theatre of cyber warfare.  
  • We offer the traditional drop-in products and services for
    • Penetration testing, and
    • Anti-virus, and
    • Technologies for information loss protection (Checkpoint, McAfee and Symantec).  
  • We also offer deeper services which integrate more with an organization's entire SDLC:
    • Security Architectural Review:  We’ll review existing strategies, road maps,  and plans.
    • Security Technical Delivery QA:  We use an ISTQB approach to verifying and validating each of an organization's security controls. This test phase uses your organisation’s existing security controls as a basis for the testing which is delivered during a traditional ISTQB’s test campaigns, test design, test delivery, including go-live production verification.  Typical controls include logging and alerting, network security partitioning (firewalls), password rules and aging, AV and malware detection, role-based access, access security, and Audit and Control measures.  This can take the form of a program/ project delivery or an organisational-wide audit.
    • Strategies and Management for RansomWare Assaults:  These attacks combine technology and human factors; the response needs to be likewise.  CyberSec21 can assist with engagement strategies, contingency measures
  • infrastructure technical QA: We also deliver traditional
    • High Availability (HA) Testing,
    • Failover and Recovery Testing,
    • Technical and Business Continuity Assurance,
    • Failure Mode and Effects Analysis (FMEA): We can train in this technique, or incorporate it into our delivery - from design through build and QA.