services
Aura’s Information Security Consultancy Services range from simple point engagements to more standards-based security reviews that provide a current-state visual representation of your security profile.
Our services encompass:
Security Testing
Testing is a crucial phase in the security process. Our security testing services include: :
- Penetration Testing (Find out more about our penetration testing methodology)
- Vulnerability Assessment of:
- Web sites
- Web services
- Servers
- Networks
- Firewall
- VOIP
- Mobiles
- Wi-fi
- SCADA
- Physical Testing
- Social Engineering
- Independent Quality Assurance
- Code Reviews
Information Security Consulting
Many organisations conduct comprehensive security reviews in order to be compliant with government and/or international security standards. However such reviews can often be labour and cost intensive and produce a long list of issues, many of which are inconsequential because they don't have a significant business impact to the organisation.
In line with Aura's ethos of assisting organisations to become more secure, we have developed a more pragmatic approach to security reviews. They are still standards-based (e.g. NZISM, ISO27001/2, SIGS, PCI DSS) but are tailored to the size and risk profile of the organisation. From many years of experience in the Information Security industry, Aura Security Consultants can quickly assess your organisation's security profile, carry out a risk assessment and then provide practical security advice, the actions from which are guaranteed to make you more secure.
Other example policy, process and planning advice delivered by our Security Consulting practice includes but not limited to:
- Information Security Strategies
- Information Security Policies
- Information Security Requirements
- Incident Management Planning
- Secure Information Architecture and Design
Information Security Training
One of the most effective forms of information security defence is a top-to-bottom approach which enables your developers and IT staff as well as senior managers to become more security aware. The training involves learning ethnical hacking techniques, i.e. "Teaching the Good-Guys Bad-Tricks".
We run both one and two day courses. more ...