The solutions offered by AGM Solutions are able to identify vulnerabilities, threats and risks related to cyber attacks in order to maximize the IT security of any organization.
The services to analyze the level of security are:
The Vulnerability Assessment service involves the execution of a mix of automated, semi-automated and manual scans and verifications in order to detect the presence of known vulnerabilities.
The Vulnerability Assessment process is conducted with technological solutions that are designed to:
This activity must be carried out through specialized activities by company security experts with advanced technical skills capable of translating the results and identifying false positives.
The Penetration Testing service extends the Vulnerability Assessment service: starting from vulnerabilities identified in the Vulnerability Assessment phase, attacks on systems and applications are implemented to fully exploit the vulnerabilities to obtain unauthorized access to systems.
Penetration Testing shows in detail what the consequences of an attack that exploit the vulnerabilities identified may be.
This service provides analysis of the sources (made available by the customer) of the application of which you want to verify the level of security.
Unlike the Vulnerability Assessment and Penetration Testing activities, this analysis is not performed from outside the application, but by analyzing the source code in order to identify the degree of intrinsic security, identifying vulnerabilities linked to static passwords or failure to comply with rules and best practices in the development phases. The activity is carried out with the aid of IT tools that perform a series of surveys.
The activity is listed regardless of the size of the code to be analyzed.
At the end of each activity, the results are reported in two reporting levels:
The first is addressed to management and contains the high-level summary of the main vulnerabilities identified and indications on the level of security found. The second shows the detailed indication of the vulnerabilities detected and their classification, the exploits, the indications concerning the impact and the corrective measures addressed to the IT staff, any references to external documents, etc.