Security Services

AEIT Solutions is composed of security-cleared information security professionals with backgrounds in computer science, information systems, and engineering specializing in awareness and education; electronic commerce security; electronic security assessment; firewall and web security; incident response; internet and intranet security; intrusion detection; malicious code detection and eradication; application and network security; policies and procedures; risk management; and system and software engineering. Our security services include:

Application security audit

Application security audit is the testing of applications remotely over the Internet for security holes, or the testing of applications at the customer site on a staging server with higher levels of access to the application architecture and documentation. We offer this service in two modes:

• Application penetration testing (remote).
• Comprehensive application security audit (remote/onsite).

Vulnerability assessment

This is an exhaustive methodology that identifies the weaknesses and deficiencies, from a security standpoint, in any given system. Organizations across the world have to be sure that their systems will run continuously. Vulnerability assessments are a critical tool in ensuring this. The idea is to minimize or eliminate the chance of a security breach. Organizations feel a particular need in this regard when they are shifting their operations or launching new systems. Our assessment criteria is comprehensive, our reports easy to use, our recommendations practical, and our data-collection and analysis procedures fast and reliable.

Penetration testing

Penetration testing is the testing of networks and their components for security weaknesses. This test can be done with no knowledge of the network, or as authorized users having restricted knowledge of the network. The test is conducted remotely via the Internet on the IP address, the URL specified by the client, or at the client site (for internal penetration testing).

• Light perimeter test — Testing the strength of the perimeter from a remote location.
• Full perimeter test — Verifying the security of the perimeter, the servers in the DMZ with remote exploitation of DMZ and accessible internal systems.
• Internal test — The "trusted insider" test, launched from inside the client's network, with internal exploitation.

Security Support

To assist companies with systems security management, AEIT Solutions offers the development of customized security policies and business processes, network monitoring, policy and patch maintenance, and security reporting.