Search
 
Technology Vendor Management Services
BPO

SPI Live Help
Careers   |  Contact   |  Media Kit  |   Site Map  |  White Papers  |   Login
 

An outstanding Network Audit and Security Service is an added feather on the cap for SPI as it provides a platform to incorporate alerting, security assessment and reporting. SPI’s customers benefit from reduced costs, improved audit integrity and lower risk.

Currently, security breaches are critical problems for public and private institutions due to the increasing threat of attack. The large number of vulnerabilities that are being discovered today is due to the sophisticated and automated attack tools available freely over the net. The increasing need of connectivity of internet users is also contributing a lot in mounting security violations. Systems are increasingly prone to security breach due to complex networks and surge in end users.

SPI uses a verified methodology and the process is designed to rapidly scan large networks to acquire a true assessment of the security vulnerabilities. Below are the services offered by SPI.

  • EXTERNAL PENETRATION TESTING / VULNERABILITY ASSESSMENT

    • SPI conducts an examination of the potential vulnerabilities of the perimeter network to ensure that security safeguards are in place. This helps to protect valuable assets and confidential information against unauthorized access that could have potentially catastrophic and costly consequences. More>>

  • WEB APPLICATION SECURITY

    • SPI’s web application security assessment suite accurately pinpoints critical flaws and errors at the web application layer and manages the process of fixing them. More>>

  • PHYSICAL SECURITY CHECKS

    • SPI facilitates an intact Physical security check to prevent attackers from accessing a facility, resource, or stored information on physical media. SPI helps to analyze on video surveillance and security solution that enables viewing, monitoring and digitally recording activity throughout your environment. SPI believes that your organization can benefit from this end-to-end, cost-effective security solution.

  • PROJECT DELIVERABLES

    • SPI provides the deliverables in a phased manner and will submit a draft copy of the same for review and approval. SPI also discuss the content of the deliverables with the management and incorporate their feedback/comments in the final version of the deliverables. More>>

  • COMPUTER FORENSICS

    • SPI uses its expertise to help unravel the electronic discovery intricacies involved in everything from examination of a single computer to complex or class action litigation. Our services encompass every aspect of electronic discovery process, including Computer Forensics, Data Acquisition, Forensic analysis, Data Recovery, Deleted File Recovery, Disk Imaging and Examination of suspect data to determine origin and content. SPI renders its services to Corporations, Attorneys and Private Sectors. Cost-effective, practical and proven methods help clients to find the right data at the right time.

ATTACK SCENARIOS
Below are some of the examples of attack scenarios which can be tackled proficiently with the help of the services provided by SPI.

  • SQL Injection attack

    • SQL injection is a method that exploits the security vulnerability occurring in the database of an application. The vulnerability occurs when user input is either incorrectly handled for string or literal escape characters in SQL statements or user input is not correctly typed and thereby unexpectedly executed. It is a general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.
  • XSS Attack

    • Cross-site scripting (XSS) is a type of vulnerability that is typically found in web applications which allows code execution by malicious web users into the web pages viewed by other users. This type of code includes HTML code and client-side scripts. An exploited XSS vulnerability can be used by Hackers to bypass access controls. Recently, vulnerabilities of this type have been exploited to launch powerful phishing attacks and browser exploits. XSS scripting was originally referred to as CSS, although this usage has been largely discontinued.
  • Man in the Middle attack

    • A man-in-the-middle attack (MITM) is an attack in which Hacker is able to read, insert and modify according to his will, messages between two users, without either party knowing that the link between them has been compromised. The MITM attack can work against public-key cryptography and is also particularly applicable to the original Diffie-Hellman key exchange protocol, when used without authentication.

 

Top

   Copyright © 2006 . Software Paradigms International Inc.    Privacy Policy    Terms of Use