A Thing
The Green SheetGreen Sheet

The Green Sheet Online Edition

January 25, 2016 • Issue 16:01:02

New Products

Holistic approach to cybersecurity

Product: Next Generation Security Assessment Services
Company: Redhawk Network Security LLC

Redhawk Network Security LLC,RedHawk Logo a network engineering and information security firm established in 2001, designed a suite of onsite, remote and online services for businesses. Services include information security assessment, managed security services, security software-as-a-service, security consulting, network monitoring and management, network implementation, and network storage.

The company works closely with clients' IT staff to understand and identify organizational risks. Risks and controls are evaluated based on information security best practices defined in ISO/IEC 27001 and ISO/IEC 27002 specifications, along with guidance from the National Institute of Standards and Technology. Compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) and related security standards is evaluated by the PCI Security Standards Council (PCI SSC). These standards provide the framework to ensure the safe handling of cardholder information.

All-inclusive assessments

Redhawk noted that its security analysts review all system assets within scope at client locations. Every aspect of a security program is evaluated, from network architecture, hardware and software configurations to policies and procedures. This hands-on approach employs software tools, manual analysis, interviews and personal observations to determine the program's overall effectiveness. A cloud portal provides detailed and easy to understand assessment reports along with tools for documenting remediation progress and managing vulnerabilities. Recommendations for remediation are provided for all vulnerabilities found.

After the review process, a comprehensive report provides documentation with recommendations to assure the client is following accepted industry best practices for maintaining information security. "Over the past few years we have seen progress in PCI compliance requirements, but we continue to see outdated assessment methods in numerous business sectors, including financial services, healthcare and government, that fail to provide merchants with a clear remediation path," said David Lindemann, Redhawk Vice President of Technology and Products. "Redhawk Network Security addresses this trend by providing our customers with next-generation security assessment services."

Next generation security assessment services

Beyond initial penetration testing and security assessment, maintaining a secure network requires ongoing due diligence and monitoring to mitigate vulnerabilities. Redhawk stated it offers a variety of services and products focused on security, including:

  • Network Security Consulting and Audit: Information security consulting for administrative, technical and physical controls
  • Information security management consulting: IT audit, penetration testing, social engineering, vulnerability assessment, and disaster recovery/business continuity planning
  • Network Security Design: Consulting, design engineering, and installation services for network hardware
  • Network redundancy and performance tuning: Troubleshooting and diagnostic services related to network topologies and performance issues
  • Network Security Infrastructure design and support: Design, consulting and project coordination; configuration and installation, onsite and remote support services 24/7/365; troubleshooting network and system issues in support of client staff and end users
  • Managed Security Services: Managed and monitored firewall and intrusion prevention services – to reduce the complexities of firewall operation while providing essential security and maintenance
  • Vulnerability Management: Keep on top of evolving threats and gain visibility into network threats
  • Web Application Security: Open Web Application Security Project vulnerability protection and PCI compliance
  • Threat Management: Intrusion detection and prevention delivered as a service

  • Advanced Log Management: Effective log management is imperative for maintaining compliance; it is also a powerful tool for mitigating intrusions and security breaches

Acquirer-centric approach

Redhawk security assessors have Qualified Security Assessor and Certified Information Systems Security Professional certifications and maintain the company's portal tools in conformance with PCI SSC assessment controls and specific acquirer compliance requirements. "The two most critical components in performing any type of PCI assessment is an accurately scoped cardholder data environment and a clear understanding of the acquirer's compliance requirements," Lindemann said. "While we do approach PCI compliance from a focused perspective, we are always looking to improve the industry standard and provide feedback to agencies and ISOs," he added. end of article

Website: www.redhawksecurity.com Contact: info@redhawksecurity.com

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

Prev Next
Facebook
Twitter
LinkedIn

Current Issue

View Archives
View Flipbook

Table of Contents

Lead Story
Views
Education
Company Profile
New Products
A Thing