What is covered in an Annual Website Security Management Service?
- Annual Server Hardening: We review the configuration of your servers and recommend changes to meet best practice guidelines.
- Annual Application Hardening: We review the configuration of your web and database server and recommend changes to meet best practice guidelines.
- Half-Yearly Web-Application Security Testing: An in-depth automated and manual security review of your web-application for technical as-well-as business logic vulnerabilities.
- Quarterly Web-Application Vulnerability Assessment: A rapid automated security review of your web-application for technical vulnerabilities.
- Quarterly Network Penetration Testing: An in-depth automated and manual security review of your network for technical, patch management and configuration vulnerabilities.
- Monthly Network Vulnerability Assessment: A rapid automated security review of your network for technical and patch management vulnerabilities.
- 24/7 IP Space and Website Malware Monitoring: Our intelligent monitoring engine identifies any and all malware on your website and network IP ranges.
- Monthly Log Review: We conduct a monthly log review for attacks and ensure that the security controls in place are effective.
- Proactive Threat Alerts: By keeping our ear to the ground, our intelligent threat system alerts you to any potential targeted threats, critical patch updates and other identifiable risks against your organization.
- Developer Awareness Training: To ensure growth and improvement
Our custom developed reports provide application-specific details along with step-by-step fix information, code and configuration examples.
Some unique aspects of our reports are:
- Custom developed by experts specifically for your application infrastructure.
- Detailed fix information with source-code and configuration details for your development language and platform.
- Multiple fixes and workarounds to help you find the best possible solution.
Work With Us
Security Brigade a CERT-In empanelled founded on the core belief that "Great audits are done by great auditors - not expensive tools". Our proprietary E.D.I.T.E platform provides a workflow based testing engine that encapsulates the complete audit process. It allows expert auditors to focus on in-depth manual testing while assisted by a combination of proprietary, open-source and commercial technology.