Protect business critical assets

The complexity of the IT systems running today’s digital business is rapidly increasing, steadily redefining the threat landscape.
As Internet connected systems are often the primary attack surface for an organization, their security plays a crucial role in safeguarding business critical assets.

F-Secure’s cyber security assessments aim at identifying vulnerabilities present in the code and implementation of digital business, independent of underlying technologies and third-party products.

The aspects that F-Secure RADAR vulnerability service attends to:

Determines vulnerabilities in the internal network as well as external resources, such as hosted servers, mail and other applications, as well as the resources of suppliers that the company does business with and which are a potential threat due to their own vulnerabilities.

Determines if there are any vulnerable computer resources in the organisation that the IT department is not aware of – whether these are owned by the company or employees who haven’t made the company aware of them.

Highlights interactions that are considered risky and in need of securing better.

Determines resources that haven’t been updated with the latest software patches.

Provides good governance that protects employees and customer data records.

Pre-empts a bigger problem by nipping in the bud a compromised resource somewhere on the network.

Helps identify potentially risky users who may unwittingly be engaging in behaviour that is putting the company at risk.

Reputation protection – examples being large organisations that recently suffered attacks and theft of data, resulting in damage to their reputation, share prices falling and possible fines and legal action.

Saves on unnecessary expenses in terms of IT manpower needed to remove malware and reinstate computer resources that have been compromised.

Potentially saves an organisation a great deal of money in lost business if either the infrastructure is rendered unusable or customers are lost.

Prevents costly fines and litigation against the company in terms of customer privacy infringements under the GDPR and our own soon-to-be enacted POPI Act laws, protecting against the compromising of customer data.

Assessments are kept on record to be referred to in the future so that measures can be taken to deal with any vulnerabilities and re-check them afterwards to ensure they are no longer a risk.

Assessing a target

Our approach to cyber security assessments is consistent with recognized industry practices and complemented by our extensive experience spanning from front-end, middleware, to back-end systems.

Our assessments are tailored to meet client needs and using our detailed methodology, a combination of manual techniques and the right set of proprietary and commercial tools, can pinpoint specific vulnerabilities and identify underlying problems that may pose unwanted risks to your organisation.

Session management
Use of cryptography
Authentication, access control and authorisation
Business logic
Server architecture and security specifications
Error condition handling and exception management
Data validation, confidentiality and integrity
Hardware security
Privacy concerns
Management interfaces

F-Secure have extensive experience in performing security assessments targeting varied environments.

From our experience, many of the applications and systems we assess contain common vulnerabilities that could, when exploited, introduce business impacts that no organization can afford to accept: for example, privacy issues, data manipulation, information theft and damaged reputation.

The F-Secure way

We focus on understanding your business and its impact on security requirements, and ensure that your organisation complies with both internal and external security requirements. The result is secure and robust services for your government and business partners, customers and internal users.

We believe in tailor-made assignments to suit your information security strategy and take into consideration your unique requirements. Our actions from initial dialogue to delivery of the security report are always adjusted to your specific needs, with the aim to build long-term partnerships that will bring improved return on cyber investments to you.

Highly cost effective
Tailor-made assignments to suit your information security strategy
Improved return on cyber investments
Training in secure application development and consulting in security-driven software development lifecycles (SDLCs)