Untitled Document
 
 
Axxera Security Services Home   Products
 
Overview
Increased reliance on the Internet as a business medium continues to create new challenges for enterprises that deploy mission-critical initiatives via the Web. Protecting corporate data, applications, and other strategic assets from potentially harmful acts is a complex proposition. Security policies must be developed and consistently maintained, complex security controls must be deployed and monitored, and staff must be trained and ready to respond with appropriate expertise and methodologies. 

Organizations are under increased pressure from the marketplace and regulatory agencies to implement comprehensive security capabilities that enable integrated consumer, and business–to-business, web operations. Today’s enterprises have the unique opportunity to take advantage of a globally available outsourced solution that secures and protects business assets. Working with Axxera, your company can carefully plan a security strategy that not only enhances your core business, but helps create a distinct competitive advantage. 

Axxera’s Security Professional Services core premise is that Information Security solutions should be based upon each client’s fundamental business models and processes. Axxera’s consultants work in collaboration with a client’s staff to determine both high level strategic threats to critical business assets, and specific technical vulnerabilities. 

Together with our clients, Axxera devises comprehensive enterprise Information Security strategies that provide necessary security. Axxera Professional services draws upon years of collective business, Information Security and network engineering expertise, which enable Axxera Consultants to provide complete and effective business security solutions. Axxera Consultants are experts in all aspects of security consulting including, but not limited to:
 
Creation of Security Policy and Security Plan
ISecurity Assessment and Audits
Controlled Penetration Testing
Network Security Architecture Consulting
Incident Forensics and Response
Senior Security Consulting and Engineering
To download a PDF of the Consulting Services Overview, click here.
 
Security Assesment And Audit Policy
Axxera consultants have a proven track record of success and an intimate understanding of the latest security vulnerabilities. With customized analysis tools our information security consultants are able to identify malicious activities and security vulnerabilities that are often overlooked. 

Each relationship begins with a careful assessment of the client’s unique business practices and through mapping of the organizations information technology infrastructure. After identifying the client’s core business needs, Axxera develops a customized information security solution that combines expert consulting with product and service recommendations. 

Axxera’s Security Professional Services group operates on the premise that information security solutions must be based on the client’s fundamental business models and processes. Working closely with the client staff, members of our professional services team identify both high-level strategic threats, specific technical vulnerabilities, and suggest solutions to mitigate risk.

Assessment Methodology

Axxera organizes the typical assessment into three phases :
 
Phase 1
Axxera conducts a zero knowledge external penetration assessment, evaluating the security posture of the client’s network as it appears to an outsider from the internet. During this phase, a dial-up penetration test is often undertaken. Dial-up testing is conducted to determine the level of risk of intrusion from the public switched telephone network. 
 
Phase 2
Axxera typically undertakes a technical vulnerability assessment of the client’s internal systems with penetration techniques used to validate and demonstrate the presence of vulnerabilities. Internal testing is performed to eliminate the risk of being monitored from the internet and attacked by copycats. In addition, Internal testing can identify vulnerabilities that may not easily be found from the external network, but may leave the systems vulnerable to attack from insiders through dial-up, or from future vulnerabilities that come into being with the entry point gateway. 
 
Phase 3
Third phase of the assessment includes a cooperative security review of selected proactive mechanisms. During the cooperative review, Axxera consultants work with the client’s staff to review configurations of network protection mechanisms, including firewalls and routers, to identify additional vulnerabilities that may be hidden by chance or by circumstance. Such vulnerabilities may include rules that permit dangerous connections, but only from selected locations or under selected circumstances. In addition, the cooperative review identifies policies and practices that have permitted the technical vulnerabilities to come to existence. Axxera can not only help to correct current vulnerabilities, but also help to prevent the occurrence of future vulnerabilities. 

Axxera examines the sensitivity and value of existing security policies to confirm points of efficacy and develop a corporate security policy if warranted. Application Code Review Services check your source code in over 20 different security-critical areas to identify application vulnerabilities and recommend actionable solutions.
 
Security Architecture Design
Axxera Security Architecture design services include the following :
 
A review of the current network design and systems architecture in light of defined security policies and best practices
Recommendations for architectural improvements
"From scratch" designs of large and small scale secure network and system architectures
The Axxera Assessment addresses :
Whether critical components work together
Whether security mechanisms cascade for redundant protection
Whether the security perimeter is well defines and affords adequate protection
Whether systems are adequately configured to prevent unauthorized access
Whether existing policies and practices are adequate to prevent a reoccurrence of the identified vulnerabilities
Recommendations for additional safeguards to adequately mitigate risk created by identified vulnerabilities
Recommendations for residual risks and other critical
 
Vulnerability Assesment
It is nearly impossible to protect unknown assets, against unknown vulnerabilities, from unknown threats. The deployment of security capabilities: firewalls, VPN’s, Intrusion detection systems, and other tools, can only be of a real benefit to an organization if deployed correctly with an understanding of the systems to be protected. Even after all necessary capabilities are deployed, it is critical that a site be able to answer one key question: What does my network look like to an adversary? 

Axxera begins the effort with the discovery of the customer’s internet presence. This includes the discovery of e-mail domains, e-mail addresses, DNS domains, registered network blocks, and hosts. This information is cross-referenced with web searches for public servers and user e-mail addresses. Discovered targets are verified with the customer before any active scanning is performed. The customer has ultimate control over the systems evaluated.
 
Network and System Services Discovery

A combination of common and advanced, network and host discovery techniques are used to find internet connected devices. Attempts are made to discover systems even when firewalls and filters are blocking traditional host discovery techniques. The system discovery and vulnerability scanning techniques, are always as sophisticated as current attack technology. As the “State of the hack” changes, so does Axxera’s vulnerability assessment technology.
 
Host Service Scanning

Physical network design and routing are determined through use of IP scan tools, as well as simple network management protocol (SNMP) queries for the routers. First the team uses IP and/or UDP scanning tools to perform discovery of systems within the customer ’s gateways IP addresses. Each system that is discovered is scanned for active network services using a combination of public, commercial off the shelf, and proprietary scanning tools. An appropriate combination of tools is selected for each network, determined by the size of the address block and other networking characteristics. These scan results reveal the hosts which are accessible in some way from the internet and the active services on them which are permitted to pass through firewalls and routing filters. In many cases, it also shows which services are being blocked by firewall or router filters.
 
Vulnerability Identification

After host discovery, each identified system is probed for application that responds to network stimulation. Information about the operating system, network applications, and system configuration is collected and analyzed. Potential vulnerabilities in the systems are verified and categorized by risk. All data collected is stored for historical purposes. Each exposed system is evaluated for vulnerabilities that reduce its security profile. Though there are far too numerous specific vulnerabilities to discuss in detail here, the following paragraphs describe the process for identifying some of the major types of vulnerabilities. Once all active hosts and services have been identified, Axxera probes these services to identify their make and versions, and cross-references the active services against a database of potentially vulnerable services. Included in this assessment are checks for a vast amount of vulnerable Web server scripts
 
Anonymous Access

In addition to multiple versions of software, simple misconfigurations and unsecure use of certain protocols, can permit the compromise of a system. Systems that might permit anonymous access are checked for anonymous read, and even more importantly, anonymous write access. If access is discovered, the service is probed to determine if access has been granted to directories that might be used to create unauthorized access, denial of service, or to plant malicious software. Services that commonly provide anonymous access include HTTP (web), FTP and TFTP (file transfer), and NFS and NETBIOS (network file sharing).
 
Remote Procedure Call Services (RPC)

A number of services that rely on RPC protocols are vulnerable to attacks that exploit the RPC protocols, or services themselves. Systems that have active RPC services are checked for access controls, RPC protocol versions that are known to be vulnerable to spoofing, and trust relationships. In this way, recommendations are not only offered on the dangers of the general use of some of the more vulnerable services, but specific services that are vulnerable to known attacks in the active configuration and versions are listed in the vulnerabilities.
 
Findings and Recommendations
The Vulnerability Assessment Report identifies the systems being tested, describes the network protection scheme, lists the active and accessible services on each system that was tested, and describes specific vulnerabilities for each applicable system. Each specific vulnerability is accompanied by a description of its potential to permit compromise or denial of service, as well as recommended actions to correct them. The report also documents any recommended modifications to the gateway or the external network topology or architecture, and explains why the change is necessary. 

The assessment is truly a snapshot in time. Therefore, in addition to the findings, recommendations and conclusions, Axxera includes as much of the collected data as possible. Reports are typically delivered within two weeks of assessment conclusion. 
 
Security Policy And Assesment
Why Does My Company Need Policies?

Security policies are an absolute must for any organization. They provide the virtual glue to hold it all together. Imagine a small city that did not have any rules? What would life be like? The same applies to your organization.
 
Who Should Be Concerned?

Basically, everyone should be concerned with security policies because everyone is affected by them to some extent. The system users are typically affected the most as they see the policies as a set of rules to regulate their behavior and make it more difficult for them to accomplish their job. The people who have to support the infrastructure are concerned since they are the ones who have to implement and comply by many of the policies. For example, a policy that requires all Solaris hosts to be installed according to a baseline security standard would require more work on the part of the system administrators, not only for the initial installation but also for the upkeep of the system.

Security Policy Development:

Axxera’s Security Professional Services performs the following services in connection with Security Policy Development:
 
Evaluate Business Operations and Objectives
Develop organizational infrastructure for support of policy deployment, enforcement and upkeep
Review of current informal policies and procedures in place
Rectify areas that lack policies
Develop security policy framework
Develop formal policy guidelines
Train key personnel on policies
Transition policy ownership to customer’s policy upkeep infrastructure
 
Penetration Testing
Penetration Assessment

The Axxera Penetration assessment service is an in-depth review of the customer’s gateway entry points and it’s components including: firewalls, routers, switches, web servers, database servers, and other application servers. A Axxera senior security consultant conducts a security assessment of the customer’s gateway architecture. The assessment includes the following:
 
An external penetration study (from the Axxera penetration / assessment facility)
An on-site assessment
A review of critical components (firewall, routers, switches, and application servers)
A review of current protective mechanisms (firewall rule sets, router access control lists, and authentication methodologies)
A review whether the existing security perimeter is well defined and affords adequate protection
 
Detailed Documentation

A description of the assessment methodology:
 
Specific identification of weakness (vulnerability), including both system-level vulnerabilities, as well as network architecture, topology, and protocol vulnerabilities that may weaken the security profile of the network or systems
A description of each vulnerability
An assessment of the level of risk created by each vulnerability
Recommendations to mitigate risk created by each specific vulnerability
Where applicable, recommendations to establish policies or procedures to prevent the recurrence of vulnerabilities.
 
Forensic Analysis
Axxera is playing an ever-increasing role in the operational security business. In particular, the Security Operation Centers (SOCs) work with customers on a daily basis. The constant changes in the security field are one reason companies find it so difficult to adequately deal with security. These constant changes and unforeseen events make it absolutely necessary for Axxera to offer a Emergency Response Team (ERT). 

The Axxera-ERT is an operational focus group responsible for proactively providing customers with information to better protect themselves in the form of advisories detailing newly discovered vulnerabilities and observed attack trends. In addition, this team is capable of professionally handling a client system or network compromise. The four primary roles of Axxera- ERT are:
 
To respond to customer computer and network compromises
To publish critical vulnerabilities to managed and monitored customers; and, in certain cases, the community at large
To publish attack trends based in SOC data
To participate in incident response (IR) gatherings such as CERT/CC sponsored events, FIRST conferences, etc.
 
Expert Response to Malicious Activity

A quick response contract or SOW is completed and Axxera dispatches expert forensic engineers to perform the following services:
 
Verify and validate the system(s) have been compromised
Determine how the system(s) where compromised
Determine what changes have been made to the system(s) such as root kits etc
Determine what data the intruder has collected and if the data has been retrieved by the intruder
Determine the source of the intrusion
Determine if the system(s) are being used in ongoing attacks against other networks
Assist the client in recovery and restoration of service in a secure mode
Preserve evidence to be used for prosecution, at the client’s option
 
Web Application & Penetration Testing
Due to the ease of access, cost effectiveness and provision of service, the Web Application has emerged as a driving force of Implementation. Web Application has evolved to be more advanced, quicker in response times than that of desktop applications. Today Web Applications are more functional and flexible, which increases their value to business operations. It is this wide acceptability and adaptability of web applications that make them an enticing target for malicious users. The increasing complexity and use of new technologies has opened doors to greater and more devastating security risks.

Intending to commit corporate espionage, identity theft, fraud, and other illegal activities, hackers enter websites resulting in costly and embarrassing service disruptions, down-time, lost productivity, stolen data, regulatory fines, angry users and irate customers. To address these security threats and to prevent the associated negative consequences, companies need frequent and thorough web application penetration testing. Axxera consultants have a proven track record of success and an intimate understanding of the latest security vulnerabilities, and with customized analysis tools our security consultants are able to identify malicious activities and security vulnerabilities that are often overlooked.
 
What is Web Application Penetration Testing (WAPT)

Web Application Penetration Testing (WAPT) is a legally authorized, non-functional assessment of a given web application, carried out to identify loopholes. These vulnerabilities, exploited by a malicious user (attacker/hacker), may affect the confidentiality, integrity, availability of the web application and/or information distributed by it. Examples of these vulnerabilities include SQL Injection (Structured Query Language Injection), XSS(Cross Site Scripting), CSRF(Cross Site Request Forgery), Remote File Include, etc. Apart from these, vulnerabilities may exist in the underlying infrastructure like Operation System, Web Server, Application Server, and Database Server. WAPT aims at identifying and reporting the presence of these vulnerabilities.
 
Axxera’s Methodology

Axxera’s Security Professional Services group operates on the premise that information security solutions must be based on the client’s fundamental business models and processes. Working closely with the client staff, members of our professional services team identify both high-level strategic threats and specific technical vulnerabilities and suggest solutions to mitigate risk.

Each relationship begins with a careful assessment of the client’s unique business practices and through mapping of the organizations information technology infrastructure. After identifying the client’s core business needs, Axxera develops a customized information security solution that combines expert consulting with product and service recommendations.
 
Information Gathering

This is the most critical phase in the methodology as all further phases depend on this. As a part of this phase, information about the target web application should be collected: type of web application (e-commerce, social networking, e-retailing, etc), technology used (J2EE, .NET, PHP, PERL, etc), WHOIS, and trace route.
 
Planning and Analysis

All the data gathered in the above phase, is converted into usable information, in the form of a customized test plan. An important step in this phase is to prepare a checklist of tasks or areas (URLs) or applicable vulnerabilities to cover.
 
Vulnerability Assessment

This phase can also be dubbed as active information gathering phase. Various automated scans are run against the target application and its underlying infrastructure (server(s) and network); a web application is only as strong as the infrastructure it is hosted on. Vulnerability in any of the underlying infrastructure components could compromise the security of the web application. Axxera uses perimeter, internal, and external scanning methodologies to detect flaws that may be exploited for attack, identifies and prioritizes the most serious vulnerabilities, and recommends appropriate follow-up measures.
 
Web Application & Database Testing
Database breaches and the theft of sensitive data leave enterprises exposed to risk and can not only do irreparable harm to an organization’s reputation, but also result in significant costs of compliance.

Axxera’s Database Secure is a host-based, software-only, scalable database activity monitoring and intrusion prevention solution, providing full visibility into all database activity including local privileged access. By protecting the database in realtime with actionable alerts and prevention capabilities, Database Secure allows organizations to enforce security policy and comply with regulatory requirements, such as PCI DSS, Sarbanes-Oxley, SAS 70 and HIPAA.
 
Key Features
Real-time alerts delivered to the DB Secure dashboard, e-mail or to any SIEM or system management tool via SNMP, SysLog, or direct integration
Protects sensitive data by terminating activity based on policy violations, and quarantining users with suspicious activity
Out-of-the-box protection against known vulnerabilities, including SQL injection, buffer overflow, and privilege escalation attacks
Detects and blocks intra-database threats utilizing sophisticated attacks based on stored procedures, triggers and views. Monitors databases in vidualized environments, including data access from VM to VM running on the same physical machine
Efficiently supports remote sensors over WAN connections, by minimizing and compressing traffic between the sensor and served
 
Database Secure is the only solution that provides full database protection against all potential intruders regardless of location, intention or capabilities.
 
Real-Time Activity Monitoring

Axxera Database Secure gives the IT security professional full visibility of user activity on all monitored databases. Database Secure either issues alerts about abnormal user activity or stops it in its tracks. Policy is enforced based on a variety of parameters, including:
 
Specific database objects
SQL Statements
User ID
Source IP address
Applications Used
 
Easing the Burden of Regulatory Compliance

Axxera Database Secure simplifies and accelerates the process of complying with regulations, such as Sarbanes-Oxley (SOX), PCI DSS, SAS 70, HIPAA and privacy breach notification laws. Wizard driven processes and reports help meet key requirements, including: access to sensitive data, monitoring privileged user behavior, alerting on excessive valid activities and segregation of duties.

Uninterrupted Operations

Axxera Database Secure’s patent-pending host-based technology is uniquely capable of monitoring privileged user access without impacting performance, without relying on native DBMS auditing or logs, and with no need for DBMS downtime.
 
 
 
© 2013 Amigo Optima.
All Rights Reserved.
Home | Contact Us | Sitemap FacebookTwitterLinked in Rify Hosting Pvt. Ltd.