>> EN | DE
   Home | WiseTest | Services | Products | References | News | Events | Partners   About Detack  
 
    IT Security Services
Security Auditing
Audit Targets
Cash & Payment
    Systems(ATM,POS,etc.)
E-Services
Host &
    Midrange Systems
Infrastructure
Terminal Services
VPN Services
SAP®Systems
EDI / Other Enterprise     Services

Documentation &
    design policy
Custom &
    Specialized Audits
Audit Layers
Audit Perspective
Consulting

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Services > Premium Audit > Audit Targets > Target Listing

Infrastructure

The security auditing targets are all the available IT systems detected in a selected address range in order to detect the safety flaws affecting the IT-infrastructure, which is the basic layer for any other more complex services and applications. The client receives a complete IT security assessment of the standard components and common services. The Infrastructure security audit offers the complete IT security assessment picture of the entire environment without including the application layers.

Applicable Detack Security Audit Modules:
Standard IT Security Audit / External
Standard IT Security Audit / Internal

Terminal Services

The terminal services audit addresses all the areas of a terminal services deployment, including self developed add-on components, from both the anonymous attacker and the user perspectives. The published applications are tested in-depth to determine if and how these components can be used, most often by registered users, to compromise data belonging to other entities by exploiting programming or configuration mistakes in order to bypass the authorization procedures and the security policies.

Applicable Detack Security Audit Modules:
Terminal Services Audit / Anonymous & User Perspectives

VPN Services

Detack has developed extensive expertise in the auditing of VPN equipment as well as particular VPN deployments. The VPN targets include all the security aspects on a VPN system, from the product itself, to network design and particular deployment and customization aspects. The selected systems are completely tested for access related IT security vulnerabilities, configuration and / or design flaws and any particular aspects which might compromise the VPN network by permitting unauthorized access. The VPN audit includes by default the user perspective testing as well as all the enabled VPN protocols and authentication services.

Applicable Detack Security Audit Modules:
VPN Services Audit / Anonymous & User Perspectives

SAP®

SAP® security auditing is one of the strongest points of the Detack IT security services. Detack has developed for the past eight years a broad range of SAP® security know-how and is able to cover today all the SAP® components (R/3 ABAP, J2EE, ITS, WAS, NW components, XI, etc.). The testing includes all the possible layers of an SAP deployment, starting with the kernel and custom application layers, up to business application programming analysis in ABAP and Java and multinational SAP® landscape evaluation. Further documentation and possible project sizing are available upon request.

Applicable Detack Security Audit Modules:
SAP Services Audit / External / Anonymous & User Perspectives
SAP Services Audit / Internal / Anonymous & User Perspectives

EDI / Other Enterprise Services

Detack provides customized auditing services for industry specific online applications, such as EDI, payment processing and clearing services. The basic procedural framework for these targets is provided by the Detack customized e-Business Services Audit modules..

Applicable Detack Security Audit Modules:
e-Business Services Audit / Anonymous Perspective (Customized)
e-Business Services Audit / Anonymous & User Perspectives (Customized)

Documentation & Design Policy

Detack provides auditing of the IT security policy, the policy application guidelines, rule enforcement and countermeasures against security violations. All existing documentation, strategic, design and technical data is subject to analysis. Besides policy related documentation, Detack also offers complex landscape layout auditing and consulting in order to improve the safety level of the security design, ideally prior to its implementation.

Applicable Detack Audit Modules:
Security Policy and Documentation Audit
Network and Application Design Analysis

Custom & Specialized Audits

Complex scenarios and specialized applications are covered by fully customized IT security audits. For systems and / or applications that do not fit into the already present audit modules targets, a new audit module will be built for covering the additional target or target set.
© 2000-2012 Detack GmbH. All rights reserved.