Vulnerability Scanning


Vulnerability scanning is the systematic identification, analysis and reporting of technical security vulnerabilities that unauthorized parties and individuals may use to exploit and threaten the confidentiality, integrity and availability of business and technical data and information. External vulnerability scanning specifically examines an organization’s security profile from the perspective of an outsider or someone who does not have access to systems and networks behind the organization’s external security perimeter. Your external IPs be scanned once a year, once a quarter or monthly.

Read More

Mobile Application Scanning


Mobile platforms by default make certain promises about their environment. Development teams should not rely on these promises to protect critical data and code. Architecture review and threat modeling process will includes assessing and documenting security risks in the context of use cases, services, roles and functions unique to your application. The threat modeling is performed in collaboration with your business, engineering, operations and corporate security teams to understand and create the system’s security objectives, threat profile, attacks, vulnerabilities and countermeasures from design to deployment.

Read More

Darkweb Credential Monitoring


We provide the best approach to eliminate the biggest cause of massive data breaches, the weak and/or stolen password. We continuously monitor the dark web for stolen databases and identities, and maintains the encrypted data in our proprietary database. When integrated with an IAM solution, we can provide superior visibility into user-centric risk and the ability to automate appropriate corrective actions, preventing the abuse of compromised credentials.

Read More
Press Release KRAA Security Warns of the Top 10 Social Media Security Attacks
Summary: Gary Bahadur, Founder and CEO of KRAA Security, hosts webinar outlining the top 10 social media security attacks that corporations may unknowingly be exposing themselves to.  December 2010, Miami, Fl: KRAA Security, the prominent name in providing managed security and consulting services, hosted a 45-minute webinar identifying the vulnerable areas within a corporation where social media hackers may easily attack. Gary Bahadur, Founder and CEO of KRAA, reviewed each area in detail, concluding the webinar with recommendations on how to avoid being a target and/or victim of a potential hacker. KRAA Security offers Social Media Policy Development and Social Media Security Assessments. In brief, below are the top ten areas of attack that were addressed: 1. Employees. Employees may post sensitive or confidential information about the company and its clients. They may also click on inappropriate website links which may contain viruses that end up in company’s network. 2. Customers. The saying goes “one unhappy customer will tell nine of their friends”, and there goes your reputation. 3. Human Resources. Many companies have not implemented social media policies, leaving employees with an “anything goes” modus operandi when it comes to social networking. 4. Social Networking Worms. The 2010 “Koobface” worm stole data from Facebook, Myspace, Twitter, LinkedIn and Bebo by tricking users to download a Trojan.  5. Competitors. Competitors may hide behind fictitious profiles to gather information about your company. Or worse, they may use these fictitious profiles to attack your brand image by spreading lies about your company. 6. Scraping. Automated programs literally “scrape” data from your network to build unauthorized profiles.  7. Trojans. Trojans trick users into thinking that they are interacting with a legitimate application, while collecting data from the user’s computer.  8. Data Devaluation. Not every employee, especially recent college graduates, are fully aware of the importance of online security and of the care that must be given to sensitive information or data.  9. Phishing. Phishing entices users to provide real login information by simulating legitimate sites.  10. Impersonation. It is difficult to tell who is really behind the social medial profiles that we encounter. There is no way to know whether the profile we are looking at is that of one of our employees or of a competitor saying things in another person’s voice/account/profile. “I cannot stress enough the importance of implementing Social Media Security Policies in conjunction with Reputation Management tools. All hands must be on deck – from the Human Resources, Marketing and IT Security departments – everyone must be on the same page when it comes to what, when, where, how and by who company information is being shared. Corporations must build a training program around appropriate Social Media usage in order to avoid a potential disaster,” stated Gary Bahadur. KRAA Security holds monthly webinars, and this one about Social Media Security is already scheduled to be brought back by popular demand (actual date is to be determined). About KRAA Security – ( is trusted name in the security industry. KRAA Security’s risk assessment services protect organizations from threats through a combination of preventative measures in Social Media Security, Application Security, Network Security, Operating System Security and Compliance. Contact: Jasmine Jones KRAA Security, 888-KRAA-911