Bithex NSA™ Penetration Testing, Security Assessments and Risk Assessment
Bithex NSA is a technical security assessment and penetration testing of information systems where Bithex consultants follow a detailed methodology to test for, and analyze, security aspects and vulnerabilities of information systems such as network servers and software solutions.
Vulnerability scanning is performed, software configuration errors are tested for, exploit code and methods are analyzed and executed. Firewall settings, VPN and IDS/IPS system settings are tested.
Compliance to standards and regulations and risk assessments
Today, many companies are required to fulfill standards and regulations on regular security assessments and vulnerability analysis of information system assets.
Bithex NSA security assessments are useful in such cases and can be used to test for several requirements mandated by standards such as ISO/IEC 27001, PCI DSS and other.
Sample requirements tested include controls against malicious code, information security of network services, password use, network access restriction, information leakage, documentation and control of technical vulnerabilities, annual security scans and penetration tests and more.
What’s included in Bithex NSA security assessments?
The Bithex NSA test plan and execution covers security assessments of company’s external and internal networks, according to the customer’s wishes. Test plan components commonly are:
Tools and methodology
Bithex consultants follow documented procedures in execution of security assessments. The Bithex NSA methodology is largely built around standards and best practice on information security testing, such as OSSTMM, NIST-SP800-115 and OWASP Testing Guide.
Procedures are both automated and manual in many scripted steps. Many different tools and methods are used, depending on the information systems being tested.
Price for Bithex NSA security assessments and penetration testing depends on the scope and network size. Please contact us for more details and a price quote.