SecureState’s StateScan service is a packaged solution designed to provide your organization with a comprehensive assessment of your perimeter security posture. Throughout the year an External Penetration Test, quarterly Vulnerability Scanning, and quarterly Firewall Ruleset Reviews will be performed in order to provide a detailed analysis of existing vulnerabilities and their potential to be exploited. The SecureScan Premium package also includes a Grey Box Web Application Security Assessment, 4 ad-hoc Vulnerability Scans, and trending between scans. The ultimate goal of the StateScan service is to assess the implementation of controls at your perimeter and provide expert guidance to mitigate vulnerabilities that may lead to a breach.
Many organizations’ external presence is under constant attack. To prevent a data breach, the organization must verify they are not exposed to security vulnerabilities which may aid an attacker in compromising the organization’s data. This review allows SecureState to provide detailed recommendations for mitigating weaknesses and improving the security posture of your external Internet presence to reduce the potential of a breach occurring. Whether compliance driven or as part of your security management program, the services offered within the StateScan package serve as a best practice for ensuring that your organization’s perimeter is secure, meeting periodic assessment requirements defined by various regulations (PCI), and providing input into internal risk assessment processes.
SecureState’s consultants include experts in vulnerability scanning and nationally renowned ethical hackers. SecureState is a certified PCI ASV scanning vendor. The same level of rigor required of an ASV scan is applied to all Vulnerability Scans SecureState performs. Our team is constantly working to stay at the forefront of Penetration Testing and security assessment technology as well as business trends through training, education, and speaking. Finally, a collaborative approach among SecureState risk management and compliance experts is used to evaluate identified vulnerabilities and provide recommendations for mitigating vulnerabilities that take into account compliance requirements and the attackers’ and defenders’ points of view.