Bithex SecureWerk is a service where we provide security assessments of information systems with automated security scans, daily security checks for newest vulnerabilities, vulnerability management, penetration testing and regular reports on the overall security status of your information systems. Bithex SecureWerk is build on industry standard security and vulnerability scanners that cover tens of thousands of known vulnerabilities and configuration errors in all types of operating systems, network services, web servers and websites.
We also offer Bithex SecureWerk enterprise which is a service intended for bigger companies such as network hosting companies that are commonly hosting a multitude of different information systems for third party companies who each may have different requirements on security.
Bithex SecureWerk™
For your company’s Internet facing assests and equipment like web servers, email servers, DNS name servers, firewalls etc., it is of vital importance to test and monitor the security status of such devices at regular intervals. With Bithex SecureWerk, companies can put all of their Internet connected equipment into daily security testing for newest vulnerabilities and security issues discovered on the Internet. Bithex consultants will execute regular penetration testing, where detailed tests and exploits are executed to try critical vulnerability holes and break-in paths to computers and software systems.
The service is executed by Bithex personnel whereby all your network servers and systems are subjected to daily testing for newest vulnerabilities discovered, full automatic monthly vulnerability scans are executed and penetration testing is performed annually, or more frequently. After each penetration testing a formal report is issued showing the security posture and compliance of your scope of Internet facing systems and equipment.
Where applicable, companies can utilize Bithex SecureWerk reports as part of, and in some instances to fulfill, work on risk assessment of information systems where issues will be classified to risk levels and probabilities of security incidents are assessed.
What’s included in Bithex SecureWerk?
- Daily security scans for all registered systems on external network.
- Full security scans monthly for all registered systems.
- Port scans and fingerprinting of customer’s external network.
- Detailed security assessments and penetration testing of all registered systems.
- Detailed security assessments of open websites and web applications (Bithex WSC) annually.
- Status reports to show the overall status of information security and meetings with customer.
- Vulnerability management, reliability clarification and instructions on fixes and controls.
- Response to new vulnerabilities found with daily security checks and regular vulnerability scans.
- Unlimited number of systems in the user’s IP access list (all IP addresses must be in the property of the user).
- Unlimited number of security scans.
- Risk assessment and classification of vulnerabilities according to Bithex Security Risk Level Definition.
- Support through phone and email on use, reports, false positives management, technical resolution of security issues.
Bithex SecureWerk™ enterprise
Bithex SecureWerk enterprise is a service intended for bigger companies like hosting companies and providers, who are hosting information systems for third party. The service is based on the same components as before, but execution may have different emphasis for different parties. Please stay in touch for more information on Bithex SecureWerk enterprise.
Get a Price Quote
You have the option of choosing from penetration testing being performed annually or up to quarterly (four times each year) as part of the Bithex SecureWerk service. Please send us a line for more information and to get a price quote.
Bithex SecureWerk™ and standards on information security.
Companies who have implemented management systems on information security use Bithex SecureWerk to fulfill various requirements and controls that are mandated by such standards, such as ISO/IEC 27001, PCI DSS and other.
Implementation may vary between companies, but in general, Bithex SecureWerk can be used as aid for ISO/IEC 27001 controls like: A.10.4.1, A.10.6.1, A.10.6.2, A.10.10.5, A.11.1.1, A.11.4.6, A.11.6.1, A.11.6.2, A12.5.4, A.12.6.1, A.13.1.2, A.14.1.2, A.15.2.1.