Vulnerability Scanning


Vulnerability scanning is the systematic identification, analysis and reporting of technical security vulnerabilities that unauthorized parties and individuals may use to exploit and threaten the confidentiality, integrity and availability of business and technical data and information. External vulnerability scanning specifically examines an organization’s security profile from the perspective of an outsider or someone who does not have access to systems and networks behind the organization’s external security perimeter. Your external IPs be scanned once a year, once a quarter or monthly.

Read More

Mobile Application Scanning


Mobile platforms by default make certain promises about their environment. Development teams should not rely on these promises to protect critical data and code. Architecture review and threat modeling process will includes assessing and documenting security risks in the context of use cases, services, roles and functions unique to your application. The threat modeling is performed in collaboration with your business, engineering, operations and corporate security teams to understand and create the system’s security objectives, threat profile, attacks, vulnerabilities and countermeasures from design to deployment.

Read More

Darkweb Credential Monitoring


We provide the best approach to eliminate the biggest cause of massive data breaches, the weak and/or stolen password. We continuously monitor the dark web for stolen databases and identities, and maintains the encrypted data in our proprietary database. When integrated with an IAM solution, we can provide superior visibility into user-centric risk and the ability to automate appropriate corrective actions, preventing the abuse of compromised credentials.

Read More
Social Media Security Policy Development

Social Media Security Policy Development

Social Media is being utilized today within organizations with a lack of true oversight and defined policies and procedures. Social Media channels permeate most departments in an organization including Information Technology, Marketing, Human Resources, and Legal.

Without a strong Social Media Policy, a company is subject to compromised productivity, reputation damage, data loss and inappropriate and perhaps illegal behavior by company employees. These can lead to monetary and reputation loss and even regulatory compliance fines. To address the risk of both corporate users in the Social Media space and specific Social Media marketing activities by the company, a strong and diverse Social Media policy is required.


KRAA Security provides an analysis of your current policies and determines gaps that need to be addressed. We develop a new Social Media Policy for your organization based on an environmental analysis and company specific data. Our policy development process will provide guidelines, requirements, and training regimens and best practices specific to your organization.

A robust Social Media Policy will include but not limited to the following:

    • Business Understanding: Identify how the organization uses Social Media and how employees use it both at work and at home. Clear expectations must be in place to guide business needs and meet employee restriction requirements.
    • Corporate Policy Mapping: The Social Media Policy must interact with and complement Human Resource policies already in place for the organization
    • Clear Expectations: The policy must set clear expectation of both the employees and the executive leadership in how Social Media processes are used, who uses Social Media and what can and cannot be done.
    • Monitor – All corporate Social Media activity must be monitored and reported. Employee’s use of Social Media has to be tracked both in what is being said and how it’s being done.
    • Training and Education: The largest challenge is educating employees about the appropriate use of Social Media and how it impacts the company.
    • Cross Functional Requirements: Social Media Policy will affect just about all departments in the company. It is essential that all departments are participants in developing, implementing and maintaining high standards for Social Media usage.

How the Process Works

Our structured approach to Social Media Policy development requires access to different departments including Information Technology, Human Resources, Marketing and Legal among others. This policy should be part of your overall Security Policies.