Detack WiseTest: Definition

Based on the past ten years of advanced security auditing of complex environments, Detack has selected a number of procedures in order to build an affordable, yet top quality security audit modules set, under the WiseTest name.

By standardizing the procedures, eliminating on-site collateral costs, and implementing an intelligent mixing of manual and semi-automated procedures and resources pooling, Detack is now able to offer at competitive prices security auditing technology proven effective in critical areas, such as payment and cash processing, banking, state and government.

Easy to understand, easy to use, minimal effort and no security expertise requirements on the client’s side are key elements of the Detack WiseTest solution. The WiseTest security audit modules are always followed by a custom, hand written security report which includes a management level executive summary. The report provides data which enables both the management and the IT personnel to act immediately, without requiring further information.

Use this link to download the WiseTest service information brochure: PDF

Detack WiseTest: Outcome

The Detack WiseTest delivers all the results expected from a comprehensive security audit: detection of security problems, determination of the best solving path and prevention of further occurrences of similar issues. The management is also provided with a valuable tool for assessing the IT performance and the operational safety of the enterprise assets, as well as for implementing any internal or external security regulations.

The Detack WiseTest answers questions such as:

Is it possible, for an anonymous Internet attacker, to take over or otherwise compromise any of the servers, services and networking
     equipment?

Is it possible, for a registered client, to take over or otherwise compromise any of the accessible web applications, their hosted data or
     access any other clients’ data?

Are there flaws in the patch management and update processes implemented in the company in respect to vendor updates and new
     software versions?

Is the IT security policy effective in preventing security compromise? Is the security policy also properly implemented in praxis or is it just
     theoretical?

Are the authentication and authorization systems really working, being effective in preventing unauthorized access to the systems or
     unauthorized access to restricted data?

Is the programming of the applications secure, effective in preventing code injection, cross-site scripting, authorization bypassing and
     other typical flaws?

Is it possible to exploit overall system security design flaws in order to gain access to other DMZ or internal systems, other subsidiary units
     and other entities?

Are the vendor security guidelines positively followed and all known and published security vulnerabilities eliminated from the target
     systems? Are there any vendor or product security vulnerabilities affecting the components in use, which allow the compromise of the      targets or data processed by them?

Detack WiseTest: Selection

The WiseTest security audit modules are designed for two different types of targets: infrastructure plus network and web presence. Price discounts are available if the audit modules are ordered combined or for multiple targets.