Secure Access for Enterprise Assets
In today's global online economy your business goals can only be achieved in a secure environment. PERI understands that availability is tantamount to security. Any interruption of your business can cause serious damage at incredible costs. With our unique blend of proven industry experience, expert staff, personal service and vendor neutrality, PERI delivers best-of-breed solutions tailored to the clearly defined, individual needs of our clients. PERI have been providing security services to companies and government agencies.
Policy Development
The best security technology in the world is useless without a sound policy to guide it. A company's security policy is a roadmap for decision-making and defining safety practices. Complying with the policy guarantees a company's commitment to maintaining a high level of security. Using the results of expert security policy audits, PERI helps companies develop new security policies to fit business requirements or updates existing security policies to cover changing business realities. Incident Response Planning
An integral component of a sound security policy is a well-structured contingency plan that addresses potential compromises in security. In today's digital economy, even the smallest business interruption may lead to millions of dollars in lost revenue. Companies need a thorough disaster recovery plan to rebound quickly from any suspension in service, regardless of its nature or cause. PERI develops customized Incident Response Plans for its customers, with detailed recovery procedures.
Secure Infrastructure Design
IT security is one example of the whole being greater than the sum of its parts: individual, discrete components must be logically integrated to achieve highest assurance. PERI designs and builds IT infrastructures that include security features such as Public Key Infrastructures (PKI), Virtual Private Networks (VPN), Intrusion Detection Systems (IDS), Firewalls, Smart Card Solutions, Single Sign-on, Anti-Virus Solutions, Wireless Solutions and many more.
PKE of online applications
Provide and Implement an open source identity, access management and Secure Single Sign On (SSO) solutions that securely and centrally manages identity, policy, and audits for users, machines, and services in your Linux, Unix and Windows environment using LDAP, Kerberos, biometric and PKI solutions. Implement host-based access control using open standards and access control framework. Also, assist in migrating from legacy NIS and other proprietary solutions to open and secure standards. Provide architecting, designing, planning and implementing services in all aspects of deploying and maintaining a Public Key Infrastructure for managing user identities: issue, renew, suspend, revoke and manage single and dual-key digital certificates. Also assist in integrating with third-party security software and existing applications. Enable key escrow, key recovery for retrieval in the case of corrupted encryption keys and Smart Card (token) support.
Security-enhanced Linux (SELinux)
An implementation of a mandatory access control mechanism. SE Linux offers greater security for your system. Users can be assigned predefined roles so that they can not access files or processes that they do not own. PERI believes that secure operating system is the cornerstone for system security and can provide the best practices for universal system security. Security Implementation
Based on a PERI Security Audit, a PERI Secure Infrastructure Design or a client's request, PERI will deploy all types of security services without product vendor bias.
Security Support Services
PERI provides the highest level of support services including telephone and pager support, based upon service level agreements (SLA).
Security Audit
Businesses today require a high level of sophisticated security to do business in the global economy. PERI Security Audit helps businesses identify and understand an organization's security strengths and weaknesses. A Security Audit is a comprehensive examination of the availability, integrity and confidentiality of an organization's critical information technology assets. At the conclusion of a Security Audit, clients have a clear understanding of their exposure to business risks related to their IT infrastructure.
Network Assessment
PERI expert auditors conduct a high-level survey of the IT infrastructure to include servers, hubs, routers, workstations and any other related network-connected devices. The network assessment focuses on the security of the enterprise-wide network, ranging from intranet to Internet and examines reliability, scalability and other issues.
Infrastructure Assessment
At this step, everything from physical security to written documentation from manufacturers of system components and vendor support manuals is examined. The audit includes additional individual interviews to ensure that non-documented security features are included in the final report.
Host Assessment
This phase is based on a comprehensive analysis of individual mission-critical system components-human resources, R&D, finance, e-commerce, communications, etc.-that are vital to the operation of any business.
Software Assessment
PERI experienced auditors analyze individual applications, as well as scripts and code, seeking potential security vulnerabilities. Applications are examined for vulnerabilities that may arise during development, operation, configuration or use.
Vulnerability Assessment
PERI Vulnerability Assessment helps clients identify points of failure in IT applications, networks and security policies to assure that security is implemented properly and functions as intended. Behaving as hackers would, PERI experts attempt to penetrate database servers, application servers, Web servers, file servers, mail servers and other critical IT assets via dial-up connections, intranets, extranets and other points of access. PERI offers a variety of assessment services to meet specific needs.
Zero-Knowledge Penetration Testing
Typically, senior management within an organization initiates a Zero-Knowledge Penetration Test without notifying the internal IT department. Using proprietary techniques and technologies, industry tools, and social engineering tactics, experienced PERI staff seek to gain access to the organization's IT assets and resources without disrupting client services. Tests produce an overview of vulnerabilities, whether the breach occurs via the Internet or other points of access to the infrastructure. Zero-Knowledge Penetration Testing is an effective way to assess potential security threats and identify weaknesses in theimplementation of technology, adherence to policy, and/or personnel training. PERI delivers a testing report to its clients detailing any vulnerabilities revealed by the testing and proposing appropriate measures to remedy identified weaknesses.
Full & Partial Knowledge Penetration Testing
Full and Partial Knowledge tests target specific hosts or specific vulnerabilities and are conducted with prior notice to the client's IT department. This testing examines specific security implementations. Such tests may be conducted from within a client's network or from outside. Thorough testing of individual components provides a higher grade of assurance for mission critical applications. A report is prepared at the conclusion of testing, detailing vulnerabilities that have been identified, describing procedures and results for all tests, and proposing corrective measures
Product Vulnerability Testing
PERI consultants rigorously test limits and boundaries of products, both commercial, third party products and applications developed in-house. The objective of a product vulnerability analysis is to assess the weakness in individual components of a larger system and thus prevent single points of failure. Detailed benchmarking and performance evaluations also can be performed at the client's request. A report on the testing contains all vulnerabilities identified as well as details and recommendations on product deployment. A PERI Product Vulnerability Analysis is intended not only for product manufacturers, but also for companies seeking to purchase products to improve their level of security.
Code Review
PERI conducts code reviews of discrete applications to verify stated functionalities for both developers and clients. The code review includes inspection of high- and low-level design documents, as well as functional specifications describing functionality of the product. In addition, programming code is reviewed for specific weaknesses, such as buffer overflows and boundary checks. The result of the review is a report describing the security code inspection, and if applicable, methods and/or measures to be taken to address code weaknesses and vulnerabilities.
For more information please call our Security specialists at our Global US Headquarters at 1-973-735-9500, or email us at
Email : solutions@perisoftware.com