Intrusion Detection Specialist: Monitors networks, computers, and applications in large organizations, looking for events and traffic indicators that signal intrusion. Determines the damage caused by detected intrusions, identifies how an intrusion occurred, and recommends safeguards against similar intrusions. Also does penetration testing to identify vulnerabilities and recommend safeguards as preemptive measures.
Computer Security Incident Responder: A member of team that prepares for and mounts rapid response to security threats and attacks such as viruses and denial-of-service attacks.
Source Code Auditor: Reviews software source code to identify potential security issues and vulnerabilities that could be exploited by hackers to gain unauthorized access to data and system resources.
Virus Technician: analyzes newly discovered computer viruses, and designs and develops software to defend against them.
Penetration Tester (also known as Ethical Hacker or Assurance Validator): Not only scans for and identifies vulnerabilities, but exploits them to provide hard evidence that they are vulnerabilities. When penetration-testing, large infrastructures such as power grids, utility systems, and nuclear facilities, large teams of penetration testers, called Red Teams, are employed.
Vulnerability Assessor: Scans for, identifies and assesses vulnerabilities in IT systems including computers, networks, software systems, information systems, and applications software.
Hardening and Prevention
Nearly all incursions are preventable. Given the limited availability of cyber insurance and the high premiums it is important to focus on the cyber security footprint prior to any incidents. Every individual and business has different needs and requirements. Our team of specialists reviews the client’s digital landscape and provides the appropriate guidelines and recommendations. In addition to our in-house team, we also partner with third-party specialists when appropriate.
The Human Element
Most incursions occur not because of hardware or software failure, but because of the behavior of administrators, users, and third-parties that have been provided access. QveritySecure applies the same investigative tools and techniques to address the human part of cyber security. A typical review produces a detailed list of individuals with access and the nature of that access. These reviews always lead the enhancement of security guidelines and additional recommendations.
Even the most carefully hardened digital footprint can be compromised. We treat those moments as an eventuality and provide the client with detailed disaster recovery plans. These includes physical offsite backups, lockdown procedures, and other elements needed to return to a normal state.