The Source
TCG Launches a Fortune 500 Corporate Web siteTCG is thrilled to announce the launch of another fortune 500 company's corporate... | CASE Launches New Web siteThe Council of American States in Europe, also referred to as CASE for short has launched their new Web... | TCG Launches New Web SiteThe time has come for the new face of TCG to shine brightly. The new Web Site is designed to showcase... | Hatfield-McCoy is a big successThe economy of Southern W.Va. can be diversified, it turns out For generations, West Virginians have... | Governor Honors 40 State FirmsForty West Virginia companies, including 10 from Kanawha and Putnam counties, were recognized by Gov.... |
Technical Services
Security Assessments
In the connected landscape of today's business environment, threats are everywhere. Whether it be from "hackers" inside or outside your organization, or the myriad of trojans, spyware and viruses, your network must be protected. TCG engineers can provide security assessments at all levels of your organization.
Penetration Testing
A Penetration Test, or "pen test," is a non-cooperative (blind) attempt to compromise systems or information housed on client information systems. External Penetration Testing tests external systems for possible points of unauthorized ingress. External systems are defined as those visible to the public via internet, wireless, or telephony systems. Internal Penetration Testing tests internal systems for possible lapses in security policies. A pen test does not enumerate all possible vulnerabilities, it only illustrates a few vulnerabilities that could be used to compromise the system.The methods used in Penetration Testing include:
- Enumeration of network protocols, nodes and listening services
- Attempts to gain footholds and escalate privileges on visible and potentially vulnerable network systems
- Attempts to gain access to sensitive information through "social engineering" methods - speaking with employees acting as another employee or partner
- Attempts at escalating privileges or capabilities on phone systems
- Attempts to gain access via wired and wireless networking
Vulnerability Assessments
A Vulnerability Assessment (VA) tests systems for possible vulnerabilities. A vulnerability analysis is cooperative testing method for vulnerabilities in accessible systems. TCG engineers use network maps, authorization tokens (logins, passwords, etc.) and other information to perform a complete vulnerability analysis.The methods used in Vulnerability Assessment include:
- Enumeration network protocols, nodes and listening services
- Working with your IT staff to ensure that all ingress points, publicly reachable systems, publicly accessible applications, and other publicly accessible communications assets are fully enumerated and completely tested
- Performing comprehensive vulnerability assessment on systems enumerated by a Penetration Test
HIPAA Security Audits
The Health Information Portability and Accountability Act (HIPAA) mandates the privacy and protection of all Protected Health Information (PHI). TCG can provide a turnkey solution to bring an organization into HIPAA Security compliance. We can provide services from an analytical (gap assessment), developmental (migration towards compliance) perspective, or both.Related Information
