about us internet programs software security
    [Security Auditing] [Remote check-up] [Programming]

Security Auditing.


1. Hardware and software configuration analysis. IT Security Consulting
  • Security tuning of operational systems, software and hardware.
  • Detection of variances between software operations and system security policy.

   Poor admininistration leads to attack success. Service offered is the kind of special remote administration service, armed with configuration check-up algorithms. Directed to check configured systems, this service can reveal misfits in actual and required security policy, including attacks from the inside, since most of harmful attacks are commited from the enterprise intranet. Configuration file analysis allows to avoid unsecured areas of the network, provides system stability both for external and internal threats.


2. Support of software installed: (subscription)
  • Notification about new security holes detection, new releases, patches

   Fast reaction on new bugs revealing.Software developers should report about revealed bugs and released patches as soon as possible. But in fact, security holes often exist for months while patches are being prepeared. Subscribing to this service, you will get an efficient mechanism of notification about bugs known from the Internet. Suitable for small companies.


3. Audit of software installed: (paid one-time service).
  • database check for security holes,
  • new versions & patches upgrade
Since every software product contains bugs, it is very important to reveal them before hacker does. This service is quite simple in its origin.


4. Installing of special and supplementary software to provide IT security:
  • Setup of Firewalls, IDS (Intrusion Detection Systems), TCP proxies and other systems, developed by us or third-parties.

    Administrating service is directed to solve security problems using techniques mentioned above. You cannot be 100% confident with your system security even using firewall. Usually attacks are performed through open firewall services or by substitution of trusted host. Nevertheless, firewalls allows to differentiate access at the network level. IDS technologies are being developed at present, offering the following features to detect network attacks: flood, scanning, unathorized hostname substitution and so on. These technologies can also solve more complicated problems like network sniffer detection, file change attempts, breaking of confidential information protection etc. TCP-proxy and NAT (Network Address Translation) complicate hacker intrusion, hiding network structure and checking every request (for instance, checking every eMail message for trojan virus).


5. Security policy design for different IT systems.

    To work out security policy for informational resources it is very important to specify clear and consistent vision of system information and environment. Security policy design and implementation allows to create secured data systems using special artefacts- security profiles, based on software and hardware environment analysis.