Information Security Health Check
Our integrated information security testing solution for the assessment of network and information system security provides improvement advice, allowing for risk control implementation and enhanced overall security protection
With 15 years of experience in information security, ISSDU is a leading information security brand in Taiwan. Our professional information security team draws on our complete information security testing resources and service capacity to conduct comprehensive information security inspections for government agencies and corporate organizations, covering: network architecture, network device log inspection, server host system settings, endpoint protection testing, and other aspects. The test methods include on-site interviews, as well as data collection and results analysis using self-developed testing tools and automated tools, to help enterprises manage overall security and make improvements to areas that require reinforcement, achieving the goal of reducing information security risks.
Comprehensive Information Security Inspection and Diagnosis to Ensure the Security of Critical Information and Network Systems
Professional Team
All members of our professional testing team have extensive experience in security testing and have obtained international information security certifications to provide professional test plans and services to our customers
Select Testing Tools
During health checking, we use professional testing devices including self-developed tools to detect the presence of malware on endpoints or server computers in order to identify potential risks
Rich Information Security Testing Resources
Our complete information security service resources related to SOC monitoring, various information security tests, and the integration of consulting and information security software and hardware equip us with the capability to handle different forms of project team establishment
Professional Test Reports and Consulting Services
We provide professional health check reports and remediation advice based on test results, and offer professional consulting services to help customers effectively reduce information security risks and improve overall network and information architecture security.
Information Security Health Check Service
Network Architecture Inspection
Network Architecture Security Vulnerability Assessment。
Inspection for Malicious Activities in Wired Networks
- Packet sniffing and analysis
- Network device log analysis
Client Computer Inspection
- Inspection for malware or malicious files on client computers
- Client computer update inspection
Server Host Inspection
- Inspection for malware or malicious files on server hosts
- Server host update inspection
Directory Server Setting Inspection
Regarding the configuration settings of AD servers,the security review is conducted based on the NICS.
Firewall Connection Setting Inspection
Confirm the legitimacy and appropriateness of connectivity between source and destination IP addresses and their communication ports.(「Permit All/Any」、「Deny All/Any」)
Government Configuration Baseline (GCB) Inspection
- 作業系統_使用者電腦組態設定檢
- 作業系統_伺服器組態設定檢
- 瀏覽器組態設定檢
- 網通設備組態設定
-
Database Security Inspection
- Privileged Account Management (PAM)
- Data encryption
- Access authorization
- Audit logs
- Outsourced management
- Backup protection
- Vulnerability management
Information Security Health Check Service Flow
01
Project Initiation
Hold a project meeting to discuss, confirm project practices and requirements, and collect information about information security testing objects, operating systems, and testing software.
02
Test Planning
Staff a testing team based on project requirements, determine test objects and methods, and plan data analysis methods.
03
Testing and Data Analysis
Execute testing according to the plan and conduct malware network behavior analysis, device log analysis, and software version security analysis.
04
Reports and Consulting Services
Prepare test result and advice reports, explain test results, and provide consultation on system enhancement to customers.
Strictly Performing Testing Required by Customers
01 Regulations Governing the Classification of Cyber Security Responsibility Levels for Government Agencies (Entities)
02 Government Configuration Baseline (GCB)
03 Comprehensive test items for government agencies or enterprises
參考 國家資通安全研究院 共通規範
進行資訊環境盤點、風險檢視與改善建議
- Network architecture inspection
- Inspection for malicious activities in wired networks.
- Packet sniffing and analysis
- Network device log analysis
- Client computer inspection
- Server host inspection
- Security setting inspection
ISSDU Provides You with Services that Fit Your Industry and Needs
We offer
customized
information security testing services