Vulnerability Scanning


Vulnerability scanning is the systematic identification, analysis and reporting of technical security vulnerabilities that unauthorized parties and individuals may use to exploit and threaten the confidentiality, integrity and availability of business and technical data and information. External vulnerability scanning specifically examines an organization’s security profile from the perspective of an outsider or someone who does not have access to systems and networks behind the organization’s external security perimeter. Your external IPs be scanned once a year, once a quarter or monthly.

Read More

Mobile Application Scanning


Mobile platforms by default make certain promises about their environment. Development teams should not rely on these promises to protect critical data and code. Architecture review and threat modeling process will includes assessing and documenting security risks in the context of use cases, services, roles and functions unique to your application. The threat modeling is performed in collaboration with your business, engineering, operations and corporate security teams to understand and create the system’s security objectives, threat profile, attacks, vulnerabilities and countermeasures from design to deployment.

Read More

Darkweb Credential Monitoring


We provide the best approach to eliminate the biggest cause of massive data breaches, the weak and/or stolen password. We continuously monitor the dark web for stolen databases and identities, and maintains the encrypted data in our proprietary database. When integrated with an IAM solution, we can provide superior visibility into user-centric risk and the ability to automate appropriate corrective actions, preventing the abuse of compromised credentials.

Read More
Social Media Security Social Media Security Assessment

Social Media Security Assessment

The first step in developing the Secure Social Media (SSM) framework is to put a process in place that can be tracked, measured and monitored over time. A framework for security must anticipate future Social Media developments and how they will impact security.

The SSM framework analyzes the security environment and puts it into context of an overall security strategy for the entire corporation, including such departments as Information Technology, Human Resources, Marketing and Legal. The KRAA Security framework for the implementation of a complete SSM strategy is the H.U.M.O.R matrix as defined below. All steps from assessment of the environment, tools being used and policies in place are covered in this assessment framework.

Human Resources – Human resource management provides the policies, procedures and guidance in the company for authorized use of Social Media. This function provides the correct processes for utilization of Social Media in all aspects of the company including Marketing and Information Technology.

Utilization of Resources – Utilization defines the capabilities of Social Media security tactics and how they are implemented across technologies and polices.

Monetary Considerations – The monetary resources dedicated to a Social Media strategy and a security strategy have to be aligned to best serve the company.

Operations Management – The day to day processes that must be followed to implement a SSM from a technology perspective as well as ongoing maintenance to ensure that Social Media is handled securely as technologies and Social Media platforms change.

Reputation Management – When all interactions with Social Media are calculated, the result is an effect on the reputation of the company. Reputation management is the result of good or bad implementations of Social Media strategies and provides a monitoring and reporting function to maintain an acceptable level of security and polices over time.

Our assessment service uses this framework to provide a company a structured approach to developing and implementing Secure Social Media tactics and policies. Each section of the H.U.M.O.R. matrix will outline all the requirements, tactics, policies and implementation processes necessary to move your organization to a new process to keep you secure and compliant over time, no matter what the actual social media application.

How the Process Works

Each analysis step will allow you to understand your current environment and identify resolution steps to upgrade your capabilities and maturity over time to manage your Social Media environment.  Following our H.U.M.O.R matrix, we will define recommendations for each section and provide practical guidance and written policies within each category in a very detailed format. This assessment should be part of your overall Application Security Assessment processes.