"> Security OCT New Draft – Drummond Group

Security OCT New Draft

Security OCT New Draft

Strengthen and improve your security practice.

Security Services

Make the most informed security decisions you can for your organization with confidence – confidence to defend against attackers with the tools at hand, address security and compliance concerns, and pass audits and assessments. We can help your organization validate your security posture through offensive security-focused services such as complex adversarial simulations, network penetration testing, application security assessments, insider threat assessments, vulnerability research, continuous security testing, virtual Chief Information Security Officer (CISO) services, and coaching.

Vulnerability Assessment

The vulnerability assessment consists of network host discovery, information gathering, scanning hosts at the network-layer and application-layer with industry leading commercial tools in search of thousands of vulnerabilities, and expert-level analysis. The vulnerability assessment can also include various types of optional testing such as authenticated scanning, user privilege escalation, and password cracking.

Penetration Testing

A penetration test, also known as a pen test, goes beyond simply identifying and validating vulnerabilities—it is a full, manual exploitation; one that mirrors a real-world attack. The process involves an active analysis of the system for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker and can involve active exploitation of security vulnerabilities.

Social Engineering

Measure end-user response to phishing, spear phishing, spam and other email threats.  Even the most effective layered technical security architecture simply isn’t enough to prevent the compromise of confidentiality, integrity and availability no matter the threat vector.   The term “social engineering” has been used for years by hackers to describe the technique of using persuasion and/or deception to gain access to information systems.

Application Security

With the evolution of technology making perimeter access devices more secure and the rise in the sophistication of e-business focused attacks, the security focus has shifted to the next battlefront—applications.

Physical Security

The process begins with a characterization of the facility including identification of the undesired events and the respective critical assets. Guidance for defining a design basis threat is included, as well as for using the definition of the threat to estimate the likelihood of adversary attack at a specific facility.

Security Advisory Services

Drummond offers Security advisory services, providing subject matter expertise, guidance, and recommendations for meeting specific security mandates. Drummond security experts will work with you to understand your environment and make recommendations around your security posture to protect what matters most for your organization.

Looking for more?

Our strategic cyber security partner provides continuous defensive improvement through adversarial simulation and collaboration, helping your business protect what matters most.  Together, we bring world-class cybersecurity and compliance together to serve your business in such a way that you’re inspired to achieve success beyond what you believe possible. Talk to us and find out what our partner can do for you.

Why Choose Drummond?

Security Expertise

Everyone on the Drummond team has extensive experience in building security programs and we will help you improve your security programs.  From vulnerability scans to pen testing and social engineering, our team will help you make informed decisions about your information security program and build processes and practices with you to protect what matters most to your organization.

Compliance Leader

With over 20 years of experience, we offer a comprehensive suite of services to help you achieve compliance with complex regulatory information security mandates including HITRUST, HIPAA, PCI, SOC, ISO 27001, NIST and GDPR.

Proven Partner for Success

Drummond offers personalized services that are proven to help you strengthen your security posture.  Experience our team of highly skilled experts ready to collaborate with you and your team. Increase trust, gain expertise and experience our proven methodologies and attention to detail as we partner with you for your long-term success.

DISCLAIMER

The services offered by Drummond Advisory Services are separate and distinct from the Drummond Group Test Lab and Certification Body. The purpose of Drummond Advisory Services is to provide expert support for test planning and execution but does not negate the steps or required actions of the certification process. Use of Drummond Advisory Services will not make ONC Health IT certification, HITRUST certification and PCI compliance by Drummond Group simpler, easier, faster or less expensive.

The People of Drummond
are here to help!

Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your Privacy preferences. It is worth noting that blocking some types of cookies may impact your experience on our website and the services we are able to offer.

Click to enable/disable Google Analytics tracking code.
Click to enable/disable Google Fonts.
Click to enable/disable Google Maps.
Click to enable/disable video embeds.
Our website uses cookies, some from third-party services. Define your Privacy Preferences and/or agree to our use of cookies.