Skip Ribbon Commands
Skip to main content

Security Testing as a Services


PROTECTING YOUR NETWORK ASSETS
​​
As the world heads towards “Internet-of-everything”, cyber-attacks, which may come in various shapes and forms, have proven to be a serious threat to business operations and the menace will only get worse. Thus, it is crucial for organizations to take pro-active measures to ascertain the integrity and security of their network assets. 

To help ease customers from this burden, Custommedia has put together attractive packages of Security Testing services that offers varying levels of services, depending on customers’ needs.

Standards packages available:

​PACKAGE TYPE A 
Remote Vulnerability Assessment (VA)


    • ● Automated VA
    • ● One-off or scheduled scan (e.g. daily, weekly, quarterly, annually, etc.)​
          • ● Covers Public URL and Public IP addresses
          ● Scan for OWASP, MS Patch & Automated Pentest
        ● Deliverables:
    •         OWASP report
    •        PCI report​
              •         Penetration Test report
                      ISO 27001 report
                    SOX report
                  MS Patch report
                HIPAA report



PACKAGE TYPE B 
On-Site Vulnerability Assessment (VA) Scan​


    • ● Automated VA
    • ● One-off or scheduled scan (e.g. daily, weekly, quarterly, annually, etc.)​
          • ● Covers Public & Private URLs and IP addresses, and databases
          ● Scan for OWASP, MS Patch & Automated Pentest
        ● Deliverables:
    •         OWASP report
    •         PCI report​
              •         Penetration Test report
                      ISO 27001 report
                    SOX report
                  MS Patch report
                HIPAA report



PACKAGE TYPE C 
Centralized Vulnerability Assessment System (CVAS)
Capability (on premise)​


    • ● CVAS design, development, implementation, training, and maintenance
      • ● Vulnerability Scans:
    •         OWASP
    •         MS Patch
              •         Automated Penetration Test
                      ISO 27001
                    HIPAA
                  SOX
                PCI

        • ● Deliverables:
          •         Summary report
      •         OWASP report
      •         PCI report​
                •         Penetration Test report
                        ISO 27001 report
                      SOX report
                    MS Patch report
                  HIPAA report
        •         Remediation report

          • ● Duration: Project-dependent​




PACKAGE TYPE D 
Security Posture Assessment (SPA) Engagement​


    • ● Gap Assessment for conformance to ISO 27001 and Conformance to MyMIS
        • ● Source code security review (using tool) 
        ● CVAS design, development, implementation, training, and maintenance​
      • ● Vulnerability Scans:
    •         OWASP
    •         MS Patch
              •         Automated Penetration Test
                      ISO 27001
                    HIPAA
                  SOX
                PCI

        • ● Deliverables:
          •         Summary report
      •         OWASP report
      •         PCI report​
                •         Penetration Test report
                        ISO 27001 report
                      SOX report
                    MS Patch report
                  HIPAA report
        •         Remediation report

          • ● Duration: Project-dependent​


  • Download Security Testing as a Service Brochure (v1.1.0) 

​ Contact us for further detail and/or discussion ​​​​​​​