Diagnostics, Interpretation & Guidance
Advisor Armor establishes the diagnostics needed to evaluate security and then the guidance to address such within budgetary constraints.
Remote and Internal Assessments
The Advisor Armor provides detailed processes and tools that identify security vulnerabilities and weaknesses.
Vulnerability and Risk Assessment Testing: Define, identify, and classify the security holes (vulnerabilities) in a computer, network, or communications infrastructure.
Penetration/Infrastructure Testing: Perform Ping Sweeps, Port Tests and various other vulnerability scans.
Web Server Security: Test your Content Security Policy (CSP), HTTP Security Headers and overall web server security:
Aimed to enable anyone to detect malicious domain activities targeting his, or her, domain name or brand the service searches for:
- Potential Cybersquatting
- Domains registered in different TLDs and owned by a third party
- Domains imitating domain names or business identity and owned by a third party
- Potential Typo squatting
- Domains with typos in body and owned by a third party
- Domains with typos in body and TLD and owned by a third party
- Potential Phishing
- Domains that try to visually impersonate your domain or brand and owned by a third party
- Domains that contain phishing content targeting your domain or brand users
- Domains that contain malicious content targeting your domain or brand users
Many small businesses only have the bare minimum when it comes to cyber security – desktop anti-virus. While anti-virus platforms provide a good first line of protection, they are not sufficient in protecting the business from intrusion, attacks, and the latest malware. Advisor Armor's Shield Test remotely evaluates an entire network to determine if there are any weaknesses in the current configuration that can create vulnerabilities and allow cyber hackers access to sensitive company and customer data. The Test includes seven steps, including a Distributed Denial-of-Service (DDOS) attack, which can completely halt a business’ ability to operate. Once completed a detailed report of the criteria the system passed and where there’s room for improvement, along with recommended next actions.
Tests evaluate the following seven criteria of cyber security:
- 1. Open Ports Test – identifies any ports that are left open, which can increase the likelihood that cyber intruders can access a system.
- 2. DDOS Defense Test – mimics a Distributed Denial of Service (DDOS) assault to check if a defense is triggered.
- 3. Malware/Virus Test – checks to make sure the system detects and blocks an attempted malware/virus download.
- 4. Client-Side Attack – tests for the presence of a properly configured Intrusion Prevention System (IPS), protecting clients (computer, tablet, etc.), from an attack.
- 5. Server-Side Attack – tests for an active IPS on the network, properly configured to protect servers.
- 6. Credit Card Theft Test – attempts to upload credit card numbers from the system to the Internet to test for theft vulnerability and the presence of a DLP system.
- 7. Bandwidth Test – determines how fast the network Internet connection is; complete security is often a tradeoff for a fast Internet. Conducts a TCP bandwidth test instead of a UDP test to show true user experience versus just pipe size.