Vulnerability Scanning


Vulnerability scanning is the systematic identification, analysis and reporting of technical security vulnerabilities that unauthorized parties and individuals may use to exploit and threaten the confidentiality, integrity and availability of business and technical data and information. External vulnerability scanning specifically examines an organization’s security profile from the perspective of an outsider or someone who does not have access to systems and networks behind the organization’s external security perimeter. Your external IPs be scanned once a year, once a quarter or monthly.

Read More

Mobile Application Scanning


Mobile platforms by default make certain promises about their environment. Development teams should not rely on these promises to protect critical data and code. Architecture review and threat modeling process will includes assessing and documenting security risks in the context of use cases, services, roles and functions unique to your application. The threat modeling is performed in collaboration with your business, engineering, operations and corporate security teams to understand and create the system’s security objectives, threat profile, attacks, vulnerabilities and countermeasures from design to deployment.

Read More

Darkweb Credential Monitoring


We provide the best approach to eliminate the biggest cause of massive data breaches, the weak and/or stolen password. We continuously monitor the dark web for stolen databases and identities, and maintains the encrypted data in our proprietary database. When integrated with an IAM solution, we can provide superior visibility into user-centric risk and the ability to automate appropriate corrective actions, preventing the abuse of compromised credentials.

Read More
Compliance Solutions Physical Security Survey

Physical Security Survey

Physical Security is the most fundamental aspect of protection. It is the use of physical controls to protect the premises, buildings, site facilities, people and other assets belonging to your company. In this day and age, you cannot afford not to have a security evaluation performed on your property to protect yourself against intrusion into your company, frivolous lawsuits interruption of normal business operations or damage to your business reputation.


A KRAA Physical Security Survey (PSS) will be comprised of a comprehensive overall security survey identifying risks and will target what can be considered high risk areas. You have a due diligence responsibility to have your property assessed to prevent security incidents such as physical assaults of people, thefts against your company assets and property damage caused by vandals.

This Physical Security Survey will include physical security vulnerability assessment concepts as well as homeland security and CPTED (Crime Prevention Through Environmental Design) concepts.

Steps covered in a PSS:

  • Access control onto property, into buildings and into sensitive area that require specific access control
  • Review of current security practices established by client to ensure security of personnel, protection of property against vandalism or unlawful entry and protection of company assets
  • Review CCTV on property, any intrusion/panic alarms to determine effectiveness
  • Determine effective security methods to prevent unlawful entry or remaining of people on property by reviewing fencing, lighting, and cameras
  • Compliance with accepted Crime Prevention Through Environmental Design (CPTED) in reviewing Natural Surveillance, Natural Access and Territorial Reinforcement of your property.
  • Infrastructure survey and threat assessment to determine that your normal business operations may not be interrupted by loss of services such as utilities, telecommunications, parking restrictions too close to a building and redundancy of services
  • Review of current lighting on premises to reduce dark areas and ensure lighting is doing what it was designed to do
  • Review with management what they perceive as security concerns and possibly meet with selected employees to determine if the perceptions correlate.

We will deliver a report with pictures detailing both the current situation and any recommendations necessary to correct deficiencies. The deficiencies will be noted with practical steps and recommendations to correct the situation. The action plan would be the Project Management Plan that can be used to implement the solution to fix the problem. We interface with vendors, work with the client to purchase equipment and we work with the installer for installation and training.

How the Process Works

KRAA Security will work with your team on practical solutions, cost considerations, and implementation of the improved security measures. We will factor in the potential risk management measures to determine that you get the best investment for the recommendations we make.