Cyber Security Services

Cyber Security is one of today’s key concerns in any organization with internet presence. Our main objective is to identify cyber security weaknesses and test how far a potential exploit can compromise our client’s network. We also assess  organization's security policy compliance, the effectiveness of employee security awareness training program, as well as  ability to identify and respond to cyber security incidents.

  • Cyber Security, Identity & Access Management

  • Governance, Risk and Compliance- GRC

  • Online Data Access Security and Vulnerability Assessment

  • Single Sign On (SSO) Identity Protection

  • Intelligence Driven Security Solution- RSA

 

 

High level Cyber Security Assessment Process

  • Perform Risk Assessment

  • Develop an operational framework that fits the size, scope, and complexity of the organization.

  • Characterize the System (Process, Function, or Application)

  • Identify Threats

  • Determine Inherent Risk & Impact

  • Analyze the Control Environment

  • Determine a Likelihood Rating

  • Calculate your Risk Rating

    Regular risk assessments are a key part of any risk management process which helps identify acceptable level of risk while drawing attention to any required control measures.

    Dulles Systems offers a full range of enterprise security consulting and implementation services to include:

  • Security test and evaluation

  • System Security Plans (SSP)

  • Incident Response Plan (IR)

  • Rules of Behavior (ROB)

  • IT System Contingency Plan (ITCP)

  • Security Test and Evaluation Plan (ST&E)

  • Security & Vulnerability assessments

  • Penetration testing

  • Security policy and operational procedure development

  • Computer security incident response

  • Vulnerability analysis

  • Malicious code analysis

  • Security risk assessment

  • FISMA and NIST Compliance Support 

  • Data Driven Testing 

  • Cross-site Scripting (XSS)

  • SQL Injection

  • Server-side Remote Code Execution (RCE)

  • Cross-site Request Forgery

  • Server-Side Request Forgery (SSRF)


    Our proven assessment framework allows our security team to rapidly and effectively identify potential vulnerabilities and areas of exposure on the targeted network.  We provide mitigation strategies for each vulnerability. A clear road map to implement the remediation that best suits the client’s environment policy and budget.

 

Identity And Access Management


Identity and Access Management (IAM) is the combination of technical systems, policies and processes that create, define, and govern the utilization and safeguarding of user access, user identity information. IAM ensures that users are who they say they are (authentication) and that they can access the applications and resources they have permission to use (authorization).

 

High level Identity And Access Management  Process


Systems used for identity and access management include single sign-on systems, multi-factor authentication and access management. These technologies also provide the ability to securely store identity and profile data as well as data governance functions to ensure that only data that is necessary and relevant is shared.
 

  • Simplify the user provisioning and account setup process.

  • Automate control that administrators need to monitor and modify access rights.

  • Multiple review levels can be included as workflows to enable the proper checking of individual requests.

  • Do more of role-based access provision

  • Enables enterprise wide security policies for all the different devices and operating platforms.

 

Tools/Technologies

  • Single Sign On (SSO) Identity Protection

  • Intelligence Driven Security Solution- RSA

  • Oracle Identity Analytics

  • SailPoint

  • RSA

  • SafeNet