Obtain an accurate understanding of your security and risk posture, while ensuring compliance with industry regulators and information security best practices.
As a consultative firm, Praetorian brings many years of experience to the table and our in-depth understanding, technical prowess, and business acumen add significant value in enhancing our clients' security posture. Through time tested, thorough methodologies, our consultants will assess your organization's security exposure in order to provide mitigation strategies, and assist in remediation efforts.
A comprehensive security assessment can have many facets. Engagements are scoped to include one or more service lines depending on the needs of the client.
Praetorian always considers the broader set of enterprise services we have here at Qualcomm so reports and recommendations can be actionable by the people who recieve them.”
Senior IT Security Engineer
Depending on the level of rigor required, Praetorian will employ a variety of techniques for uncovering unknown vulnerabilities and risk throughout your organization's environment including:
Identifies and examines network vulnerabilities for external, Internet facing systems to determine whether they can be exploited by an attacker to compromise targeted systems or used to gain access to sensitive information. An optional external penetration testing phase includes exploitation of the underlying vulnerabilities.External vulnerability assessment methodology →
Identifies and examines network vulnerabilities for internal, Intranet systems to determine whether they can be exploited by an attacker to compromise targeted systems or used to gain access to sensitive information. An optional internal penetration testing phase includes exploitation of the underlying vulnerabilitiesInternal vulnerability assessment methodology →
Praetorian's wireless penetration testing and assessment services evaluate the security of your organization's wireless implementations and provide recommendations for improvement. An optional wireless penetration testing phase includes exploitation of the underlying vulnerabilities.Wireless security assessment methodology →
Server reviews are critical because they identify vulnerabilities that cannot be detected through network testing. This includes issues such as permissive file access controls, unnecessary accounts and local services enabled, improper logging settings, and insecure server management practices.
Active Directory reviews are critical because, like spear phishing, it is among the most exploited services currently being targeted by organized adversaries. Most major computer intrusions utilize spear phishing for initial compromise followed by Active Directory exploitation for lateral movement within the network.Active Directory review methodology →
Praetorian’s sensitive data analysis evaluates the effectiveness and compliance of security controls designed to protect sensitive information. The analysis includes a review of technical, administrative, work flow, and physical controls that assist in protecting sensitive data – such as PCI, HIPAA, PII, and IP data.Sensitive data analysis methodology →
Firewall security reviews are important because they identify vulnerabilities that cannot normally be detected through network penetration tests and black box network assessments.Firewall security review methodology →
The VPN review compares your current configuration against recommended best practices and identifies any areas of concern. The assessment includes remote and onsite configuration review as well as an architecture review.VPN security review methodology →
A network architecture review will evaluate the function, placement, and gaps of existing security controls and compare their alignment with the organization's security goals and objectives.Network architecture review methodology →
The goal of this assessment is to identify potential holes in your organization's security posture when it comes to mobile technology.Mobile device review methodology →