Anitian's Enterprise Security Assessment (ESA) is a comprehensive security and compliance package that covers all aspects of organizational security including administrative policies, infrastructure configuration and operational practices. It is an ideal service for organizations looking for an in-depth, technical assessment of their security and operational practices.
Anitian's ESA includes the following services:
| Service |
Description |
| Vulnerability Scanning |
Scan internal and external networks for vulnerabilities using Anitian’s unique suite of commercial and open-source tools. |
| Penetration Testing | Test external (Internet exposed) hosts for resistance to attacks and common web application attacks. |
| Configuration & Controls Analysis |
Review the configuration of key infrastructure components and servers for problems or threats that may affect security or reliable operation. |
| Wireless Network Testing |
Perform a comprehensive wireless
assessment of existing networks. |
| Policy & Procedure Review |
Analyze organizational security policies, operational procedures and technology standards for alignment with best practices and relevant regulatory issues. |
| Compliance Review | Review compliance programs for effectiveness and alignment with relevant standards and/or requirements. Service can cover multiple standards such as PCI-DSS, NERC-CIP, HIPAA, HITECH, DIACAP and more. |
| Personnel Interviews |
Conduct a series of facilitated and one-on-one discussions about security and IT operations with relevant management and operational staff. Anitian typically interviews IT management, human resources, finance and other individuals who have a key responsibility with information security and business continuity. |
| Disaster Recovery / Business Continuity Review |
Review organizational efforts to recover from disasters and maintain business operations. Includes detailed review of backup and storage procedures as well as DR/BC plans and procedures. |
| Cultural Assessment | Assess how the organization works. Anitian has found that organizations with a strong internal culture of excellence, collaboration and accountability tend to handle security better. This assessment looks at how people work together and handle the complexities of change and security. This is a service unique to Anitian’s security assessments. |
| Physical Security Review |
Review physical security controls for
effectiveness. |
Upon completion of the assessment, Anitian will produce a comprehensive Enterprise Security Assessment Report. This report will include a high-level Executive Summary which clearly describes both the strengths and weaknesses of the organization’s security. The report will also include detailed findings and a complete set of recommendations.
Some benefits of Anitian's ESA include:
- Detailed Roadmap
Anitian will craft a detailed roadmap for improving security, enhancing IT operations and ensuring compliance.
- Scientific methods
Anitian relies on a rational and pragmatic philosophical approach to security that emphasizes empirical results and practical recommendations.
- Alignment with ISO 27002
Anitian uses the ISO 27002 Code of Practice for Information Security Management framework as a guide in analyzing security management and practices.
- Strengths and Weaknesses Evaluation
Anitian not only outlines the organizational security challenges but also highlights the areas where the organization is following best practices. This paints a fair and honest picture of IT security for management.
- Summary Grade
Anitian relies on a simple A through F grading scale to help clearly identify areas of strength and weakness.
- In-Depth Technical Details
All Anitian reports include detailed technical information on improving security and correcting vulnerabilities.
For more information, please call 888.ANITIAN, or email Anitian Enterprise Security.
