Risk Assessment

...a systematic approach to identifying IT security risks

For maximum effectiveness, Fulcrum conducts two approaches to risk discovery, then proceeds to risk analysis.

"Black Box" Testing

In black box testing, vulnerabilities and flaws are discovered prior to understanding the underlying system. In other words, our analysts assess our system like an outsider trying to get in.

System Analysis

System analysis involves finding vulnerabilities based on unknown network and system architecture.

Both approaches to risk discovery include the following procedures:

• Vulnerability scanning
• Network penetration testing
• Network discovery
• Network sniffing
• Network security audits
• System inventory

Risk Analysis

After the discovery phase, Fulcrum proceeds with a formal risk analysis, to include:

• Security posture assessment
• Risk/vulnerability/threat assessment
• Security policy and procedure analysis
• Business impact analysis
• Network security violation analysis
• Emergency response/disaster recovery
• Certification