CanDo Tech Consulting Inc.



Cyber Security

Cyber security

CanDoTech Consulting Inc. has a full line of services dedicated to web application security, HITECH compliance, PCI complaince, HIPAA compliance and custom security consulting services

Our Services:

A single successful penetration by a malicious hacker can result in compromising an entire organization’s confidentiality, integrity, and availability (“CIA”). CanDoTech’ s research driven penetration testing & vulnerability assessment services help to prevent such a compromise by testing at realistic levels of threat.

Understanding real-world risks

CanDoTech conducts penetration tests from inside and outside of your network to identify risks and help you to prioritize remediation. Types of penetration tests include:

  • Internal and external network penetration test
  • Web and mobile application penetration test
  • Wireless penetration test
  • Social engineering security testing (physical and electronic)

Penetration testing services

External network penetration testing

Penetration testing for Internet-accessible devices or internet of things (“IOT”) along with services such as web servers, firewalls, routers, DNS and remote access etc.

Internal network penetration testing

Penetration testing for internal servers, firewalls, routers, switches, email and DNS services.

Wireless network penetration testing

Penetration testing for wireless infrastructure, including access points, controllers, firewalls etc.

Application security testing services

CanDoTech’s comprehensive Web Application Security Testing covers the classes of vulnerabilities in the 2013 Top 10 Open Web Application Security Project (OWASP) and are listed below for easy reference:

  1. Malicious code Injection
  2. Cross-Site Scripting (XSS)
  3. Broken Authentication and Session Management
  4. Insecure Direct Object Reference
  5. Cross-Site Request Forgery (CSRF)
  6. Security Misconfiguration
  7. Insecure Cryptographic Storage
  8. Failure to Restrict URL Access
  9. Insufficient Transport Layer Protection
  10. Invalidated Redirects and Forwards
  11. SQL injection
  12. Man in the middle attack

The primary goals of Web Application Security Testing:

  • Provide management with an understanding risk levels introduced by the web application.
  • Provide recommendations and details to facilitate a cost-effective and targeted mitigation approach.
  • Create a basis for future decisions regarding information security strategy and resource allocation.

 Other Services

  • SSL report
  • TCP fingerprinting
  • WHOIS
  • Traceroute

 

CanDoTech Consulting Inc©2014 All rights reserved.         Sitemap     Career