Many organizations are exposed to various types of security threats and often need to contend with unauthorized access to the organization, exposure of sensitive data, data corruption, data fraud and even embezzlement, and more. Avnet provides some of the following services to prevent Cyber penetration of sensitive database warehouses and proprietary data theft.
Avnet's Cyber Service include some of the following:
• Investigation and identification of Zero Day Attacks in the Operating System (Windows, Linux) that are not recognized by the scanning systems;
• Modbus, OPC protocol eavesdropping using TAP or via IP networks (ARP Poisoning Eth Bridging);
• Reverse Engineering of existing threats and research and analysis of threat behavior;
• Writing spyware and Trojan Horses that are not identified by known AV;
• We provide threat surveys to system and manufacturing processes, such as SCADA, HMI and DCS or at the terminal level PLC's;
• Identification of Trojan Horses in cellular phones and in the organization's network;
• Cyber Forensics – Testing and analysis of work stations and servers, testing of protection and monitoring systems, testing of log files and event analysis of access and data theft;
• and more.
Prevention of Penetration of the Network via Spyware or Trojan.
Work Stations are often appealing to hackers as they pose a security risk which might enable access to sensitive data via the Internet. At the point of access the hacker may have a vantage point to enable him to break-in to all the organization's data servers and proprietary information. Tests to prevent this scenario are run to prepare for the eventuality of such a break-in, and its effect on the company's network.
External Strength Testing Examples
Avnet's external strength examinations include some of the following:
• Application tests to the Internet sites of the organization, including, Intranet, Company portal for service providers, and more…
• Communication tests for prevention of access via communication channels to the internet.
• Access to the network via Trojan horse or other spyware.
• Access via telephony, known as War Dialing.
• Eavesdropping on wireless networks.
• Examination of hostile take-over via long-distance work-stations (RAS, Citrix, VPN, Terminal).
• Periodic and permanent monitoring and scanning for alterations in the organization's exposure to the internet.
• Collection of intelligence on internet driven attacks.