Information Security Health Check

Our integrated information security testing solution for the assessment of network and information system security provides improvement advice, allowing for risk control implementation and enhanced overall security protection

With 15 years of experience in information security, ISSDU is a leading information security brand in Taiwan. Our professional information security team draws on our complete information security testing resources and service capacity to conduct comprehensive information security inspections for government agencies and corporate organizations, covering: network architecture, network device log inspection, server host system settings, endpoint protection testing, and other aspects. The test methods include on-site interviews, as well as data collection and results analysis using self-developed testing tools and automated tools, to help enterprises manage overall security and make improvements to areas that require reinforcement, achieving the goal of reducing information security risks.

Comprehensive Information Security Inspection and Diagnosis to Ensure the Security of Critical Information and Network Systems

ISSDU's Service Advantages and Benefits


Professional Team

All members of our professional testing team have extensive experience in security testing and have obtained international information security certifications to provide professional test plans and services to our customers

Select Testing Tools

During health checking, we use professional testing devices including self-developed tools to detect the presence of malware on endpoints or server computers in order to identify potential risks

Rich Information Security Testing Resources

Our complete information security service resources related to SOC monitoring, various information security tests, and the integration of consulting and information security software and hardware equip us with the capability to handle different forms of project team establishment

Professional Test Reports and Consulting Services

We provide professional health check reports and remediation advice based on test results, and offer professional consulting services to help customers effectively reduce information security risks and improve overall network and information architecture security.

Information Security Health Check Service

Network Architecture Inspection

網路架構圖安全性弱點檢視。包含網路架構安全及備援機制設計、網路存取管控、網路設備管理及主機設備配置等,詳列發生事項之風險等級、說明問題範圍及影響、提出具體改善建議

Inspection for Malicious Activities in Wired Networks

  • Packet sniffing and analysis
  • Network device log analysis

Client Computer Inspection

  • Inspection for malware or malicious files on client computers
  • Client computer update inspection

Server Host Inspection

  • Inspection for malware or malicious files on server hosts
  • Server host update inspection

Directory Server Setting Inspection

針對AD伺服器組態設定,依國家資通安全研究院官方網站「政府組態基準」專區所公布安全性檢視之內容為主,以確認機關對於組態設定之落實情形


Firewall Connection Setting Inspection 

如外網對內網、內網對外網、內網對內網是否有安全性弱點,確認來源與目的IP與通訊埠連通的適當性。(包含設置「Permit All/Any」與「Deny All/Any」等2項防火牆檢測規則)

Government Configuration Baseline (GCB) Inspection

  • 作業系統_使用者電腦組態設定檢視
  • 作業系統_伺服器組態設定檢視
  • 瀏覽器組態設定檢視
  • 網通設備組態設定檢視
  • 應用程式組態設定檢視

Database Security Inspection

  • 特權帳號管理
  • Data encryption
  • Access authorization
  • Audit logs
  • Outsourced management
  • Backup protection
  • Vulnerability management

Information Security Health Check Service Flow

01

Project Initiation

Hold a project meeting to discuss, confirm project practices and requirements, and collect information about information security testing objects, operating systems, and testing software.

02

Test Planning

Staff a testing team based on project requirements, determine test objects and methods, and plan data analysis methods.

03

Testing and Data Analysis

Execute testing according to the plan and conduct malware network behavior analysis, device log analysis, and software version security analysis.

04

Reports and Consulting Services

Prepare test result and advice reports, explain test results, and provide consultation on system enhancement to customers.

Strictly Performing Testing Required by Customers

01 Regulations Governing the Classification of Cyber Security Responsibility Levels for Government Agencies (Entities)

02 Government Configuration Baseline (GCB)

03 Comprehensive test items for government agencies or enterprises

 

According to the Standards of the National Center for Cyber Security Technology, Executive Yuan

  • Network architecture inspection
  • Inspection for malicious activities in wired networks.
  • Packet sniffing and analysis
  • Network device log analysis
  • Client computer inspection
  • Server host inspection
  • Security setting inspection

ISSDU Provides You with Services that Fit Your Industry and Needs

We offer customized information security testing services