Information Security Audit & Assessment Services

HCL Security Audit and Assessment Services

HCL’s security audit and assessment services are designed to help enterprise assess their current security posture both on technical and procedural front. These services help to augment security initiatives of the organization and quickly assess the effectiveness of their security initiatives.

Benefits to Customers

Assess enterprise security posture inline with industry best practices like ISO or compliance PCI DSS and OWASP Top 10.
HCL’s gap assessment services reduce the exposure to security risk and incidents.
Try to penetrate into client’s network from outside to have the hacker view on public facing applications.
Client can have quick and real picture of the security posture by using HCL’s audit services.
Enterprise IT and security benchmark with industry best practices in order to know that where they are standing against their business competitors.

Service Details

HCL’s audit services can be used to quickly assess an organizations security posture against some specific standard or industry best practices.

Globally accredited under CERT-In, PCI counsel (PCI Authorized Scanning Vendor) to carry out audit and VA/PT services
Vast pool of globally certified consultants and Penetration testers.
Vulnerability validation using expert manual effort
Expertise in conducting holistic testing at all Network, Application and code levels

PCI Council Approved Scanning Service

With increasing card based online transactions more and more organizations are going for PCI certification to increase the confidence of stakeholders.HCL being an Authorized Scanning Vendor (ASV), which is an important requirement of PCI to conduct quarterly vulnerability scanning of PCI infrastructure. As a part of PCI approved scanning services, HCL carry out following activities:

Assist organization identify infrastructure under PCI scope
Conduct discovery scanning to identify the live hosts in the infrastructure
Conduct PCI specific Vulnerability Assessment
Examine false positives as reported by the client
As an ASV certify organization to be PCI Compliant

Wireless Security Assessment

HCL’s wireless security assessment service helps organizations in analysis of an enterprise’s overall wireless security posture. Following services are provided by HCL:

Test of wireless network environment to access security
Data analysis and data correlation performed to differentiate false alarms from true alarms
Helps organization achieve and maintain regulatory compliance
Expert level assessment and detailed remediation assistance of security risk

Business Aligned Security Assessment

HCL has rich experience in providing consulting services to clients of different industry verticals which has given it a unique advantage of providing customized security consulting. Different verticals face different challenges and the solution also varies very much, thus it is HCL’s belief that a packaged consulting approach is not sufficient.

Information Security Audit and Gap Assessment

HCL’s audit and gap analysis services are designed to help organizations identify gaps in the information security by performing audit w.r.t industry best practices like ISO 27001 etc so that same are addressed pro-actively and effectively. Following services are provided by HCL:

Security audits based on industry best practices like ISO 27001.
Audits inline with regulation or compliance like PCI DSS or RBI guidelines.

Vulnerability Assessment, Penetration Testing and Web Application Security Assessment

HCL’s VA/PT services are a safe and controlled exercise performed by security experts to validate existing vulnerabilities and quantify real world risk. HCL’s VA/PT services can be characterized by following:

Black box / white box approach for PT
Proprietary methodology that is in line with international standards like ISO 27001, OSSTMM (Open Source Security Testing Methodology Manual)
Helps organization achieve and maintain regulatory compliance along with Testing company’s security against external threat
Expert level assistance and detailed remediation assessment
Delivered out of certified and secured Security Operation Centre

HCL’s web Application Security Assessment Services are designed to provide assurance to an organization on the security of their Web Application. Service characteristics: