
ABOUT US

RSB Infosec is a dynamic and responsive online security provider.

Safeguard Your Business

We provide our clients with the security solutions to keep up with ever-changing global threats.

RSB Infosec is a dynamic and responsive online security provider. Through security mapping and threat assessment we build watertight data networks and shield your data from external online attacks. Swift, reliable and agile, we keep up with the world of online security to provide continuous protection for your business.

Areas Of Expertise

We assist our clients with architecture and deployment in these domain areas:

Identity access management (IAM) & privileged account security (PAS)
Deception, real-time breach detection and prevention
Detection using artificial intelligence & machine learning
Endpoint security
Patch & vulnerability management

IT Security Assessment


Management Information

Having conducted an onsite assessment of XXXXX on XXXX, RSB has found a number of flaws in XXXX’s security, leading us to classify your security profile as ‘weak/medium’ overall. This report details our recommendations as to how you can improve.
At RSB, we assess your security using a number of key performance indicators. By examining the following three crucial elements of your systems, we calculate the robustness of your overall security: the confidentiality of the information you store, the number of weaknesses we have identified through our testing and the vulnerability of these weaknesses to exploitation.

Third Party Suppliers

XXXX works with XX companies, who supply XXXX services. RSB conducted due diligence (detail how) on this/both/all companies in order to assess their internal security procedures, and how any weaknesses could affect XXX.

Technical Information

  • Risk Register
  • Security Awareness Training
  • Secure Data Handling
  • Encryption
  • USB Access
  • Backup And Restore
  • System Access Levels
  • Segregation Of Duties
  • Network Access Control
  • Rogue Wireless AP Testing
  • Incident Response Process

Technical Information

Our IT security assessment criteria evaluate your IT security resilience by comparing it to industry best practice.

SCOPE

  • Backup and restore process, including evidence of regular test restorations
  • Copy of Information Security policy
  • Current network diagram
  • Data protection officer role and responsibilities
  • Data workflow, process & lifecycle
  • IT Risk Register

Ongoing Recommendations

This section is for reference and contains details of the recommended actions to improve the security posture of the overall environment.

Our Tools

Some Of The Tools We Use

System Programmes

Ping, Traceroute, Whois, Dig, Host, Finger, Netstat

Fingerprinting/Port Scanning

Nmap, THC-Amap, GFI LANguard-3, Firewalk, SolarWinds toolsets, Hping2

Vulnerability Scanners

Qualys, Acunetix, ISS Internet Scanner, Sam Spade, SARA, GFI LANguard-7, Nikto, Hping2, N-Stealth, WEPCrack, SuperScan, Retina, SAINT, Xprobe2, Shadow Security Scanner, CodeSpy

Traffic Profilers

AirSnort, Snort, Ntop, Netcat, Odysseus

Sniffers

Hunt, Kismet, Ettercap, Dsniff, Ethereal, NetStumbler, TCPDump

Our Methodology

Web Application Assessment

Our application security experts will scan all existing third party services (e.g. web portals, firewalls, service providers).

Testing includes:

  • Broken Access Control
  • Broken Authentication and Session Management
  • Buffer Overflows
  • Cross Site Scripting (XSS) Flaws
  • Customised Software Analysis
  • Denial of Service
  • Improper Error Handling
  • Injection Flaws
  • Input Validation
  • Insecure Configuration Management
  • Insecure Storage
  • Password Cracking/Payload Development (Exploits)
  • Perimeter Device/Operating System/Service Assessment
  • Reverse Engineering the Stack

Penetration Testing

Theory’s great, but we like action. What better way to show our clients the severity of system vulnerability than to perform a dry-run of a potential attack? Exploitation of vulnerabilities can lead to privilege escalation or denial of service (DoS) against the computer that is attacked. The attacks can slow down or completely cripple your system. Malicious attackers can then use their access to your site to gain access to client systems.

Our security analysts (whilst ensuring that there will be no effect on your continuity of service) carry out attacks against the weaknesses we have identified in your system. Our security analysts will then leave behind evidence of their access to your client system.
This step is essential to see how far your vulnerabilities can be penetrated and what defensive steps need to be taken to protect your system.

Secure Architecture Design Review

In our Secure Architecture Design Review, we take four distinct steps to ensure that you have a comprehensive and complete plan for improving the security of your site.

STEP-1

Review documentation, policies and processes related to network design. Evaluate your current requirements.

STEP-2

Evaluate each host used by performing a Vulnerability Scan and Penetration Testing of network devices.

STEP-3

Conduct an on-boarding interview with each of your administrators, informing them of industry best practice standards on infrastructure design and existing threats and updating them on the results of our review.

STEP-4

Assess your organisational processes and ensure that correct escalation, incident response and solutions, and follow-up procedures are in place.

Technology Partners

Carbon Black

CyberArk

Dark Trace

Qualys

SailPoint

TrapX

Contact Us

7 Sutton Hall Road, Hounslow, London TW5 0PX, United Kingdom
Room 301, Reliance Center, Woodvale Groove, Westlands, Kenya

Get Started

Having access to the right data about your business is everything. And with RSB you have a team of experts to hand.