Below you can find some of the most common packets of security checks for small & medium companies or organizations, offered by TicTac:

The following checks/actions are included in:

1. Patch level – patching policy applied
2. Domain: Are all the systems part of a domain with policies about limited user rights?
3. Proxy: Does anyone use proxy for Internet access?
4. UTM solutions, firewall, IDS/IPS that are used
5. Antimalware use (enterprise antivirus + andpoint security)
6. Backup policy

Received after the check: Evaluation report about the risks, in which the level of readiness to deal with a Ransomwrae attack will be included – rating depending on the category – final/completed rating

Cost (approximately): from 400 + VAT, depending on the level of details (e.g. simple interview or parametrization check too?)

The following checks/actions are included in:

1. Penetration Test: detection of active communications, resources and protocols
2. Scan and detection of vulnerabilities in systems, software, active services, and communication protocols
3. Detection of information in network, systems and services, which could be used for further attacks by malicious web users
4. Web applications check for possible vulnerabilities, such as execution of malicious orders or code, breach of controlling and authentication mechanisms, data breach, limited security parametrization and malicious software usage

Received after the check: Evaluation report about the risks, in which will be included the following:

• List of the findings regarding the weaknesses and the vulnerabilities, in order depending on their cruciality
• Explanation and analysis of each finding
• Possible attack means and availability of factors for each weakness
• Consequences for the business and its services
• Possible/available ways to deal with the findings

Cost (approximately): from 700, when the cost depends on the complexity of the checks, which will be decided during the interview

The following checks/actions are included in:

1. Penetration Test: detection of active communications, resources and protocols
2. Scan and detection of vulnerabilities in systems, software, active services, and communication protocols
3. Detection of information in network, systems and services, which could be used for further attacks by malicious web users
4. Web applications check for possible vulnerabilities, such as execution of malicious orders or code, breach of controlling and authentication mechanisms, data breach, limited security parametrization and malicious software usage
5. Penetration Testing: attempts of attacking the system, based on the vulnerabilities that have already been detected through the penetration test (1), in order to gain access or the control of the domain

Received after the check: Evaluation report about the risks, in which will be included the following:

• List of the findings regarding the weaknesses and the vulnerabilities, in order depending on their cruciality
• Explanation and analysis of each finding
• Possible attack means and availability of factors for each weakness
• Consequences for the business and its services
• Penetration Testing results with evidences and analysis of each action of the solution
• Possible/available ways to deal with the findings

Cost (approximately): ~600, when the cost depends on the complexity of the checks, which will be decided during the interview

The following checks/actions are included in:

1. Penetration Test: detection of active communications, resources and protocols
2. Scan and detection of vulnerabilities in systems, software, active services, and communication protocols
3. Detection of information in network, systems and services, which could be used for further attacks by malicious web users
4. Web applications check for possible vulnerabilities, such as execution of malicious orders or code, breach of controlling and authentication mechanisms, data breach, limited security parametrization and malicious software usage
5. Scan from the inside to all the business systems and detection of vulnerabilities in systems, software, active services, and communication protocols
6. Systems and parameterization check (for each unit separately):

• Operating system: Parametrization, hardening, authentication mechanisms, parameterization of active protocols, protection of sensitive information during storage and transaction, mechanisms and protocols of encryption, reporting mechanisms of system actions etc.
• Data base: Parametrization, hardening, authentication mechanisms, protection of sensitive information during storage and transaction, mechanisms and protocols of encryption, reporting mechanisms of system actions etc.
• Individual systems (separately): Web servers, application server & web applications parametrization

Received after the check: Evaluation report about the risks, in which will be included the following:

• List of the findings regarding the weaknesses and the vulnerabilities, in order depending on their cruciality
• Explanation and analysis of each finding
• Possible attack means and availability of factors for each weakness
• Consequences for the business and its services
• Possible/available ways to deal with the findings

Cost (approximately): ~1000, when the cost depends on the complexity of the checks, which will be decided during the interview

The following checks/actions are included in:

1. Penetration Test: detection of active communications, resources and protocols
2. Scan and detection of vulnerabilities in systems, software, active services, and communication protocols
3. Detection of information in network, systems and services, which could be used for further attacks by malicious web users
4. Web applications check for possible vulnerabilities, such as execution of malicious orders or code, breach of controlling and authentication mechanisms, data breach, limited security parametrization and malicious software usage
5. Scan from the inside to all the business systems and detection of vulnerabilities in systems, software, active services, and communication protocols
6. Penetration Testing: attempts of attacking the system, based on the vulnerabilities that have already been detected through the penetration test (1), in order to gain access or the control of the domain
7. Systems and parameterization check (for each unit separately):

• Operating system: Parametrization, hardening, authentication mechanisms, parameterization of active protocols, protection of sensitive information during storage and transaction, mechanisms and protocols of encryption, reporting mechanisms of system actions etc.
• Data base: Parametrization, hardening, authentication mechanisms, protection of sensitive information during storage and transaction, mechanisms and protocols of encryption, reporting mechanisms of system actions etc.
• Individual systems (separately): Web servers, application server & web applications parametrization

Received after the check: Evaluation report about the risks, in which will be included the following:

• List of the findings regarding the weaknesses and the vulnerabilities, in order depending on their cruciality
• Explanation and analysis of each finding
• Possible attack means and availability of factors for each weakness
• Consequences for the business and its services
• Penetration Testing results with evidences and analysis of each action of the solution
• Possible/available ways to deal with the findings

Cost (approximately): ~1300, when the cost depends on the complexity of the checks, which will be decided during the interview

The following checks/actions are included in:

1. Penetration Test: detection of active communications, resources and protocols
2. Scan and detection of vulnerabilities in systems, software, active services, and communication protocols
3. Detection of information in network, systems and services, which could be used for further attacks by malicious web users
4. Web applications check for possible vulnerabilities, such as execution of malicious orders or code, breach of controlling and authentication mechanisms, data breach, limited security parametrization and malicious software usage
5. Scan from the inside to all the business systems and detection of vulnerabilities in systems, software, active services, and communication protocols
6. Penetration Testing: attempts of attacking the system, based on the vulnerabilities that have already been detected through the penetration test (1), in order to gain access or the control of the domain
7. Systems and parameterization check (for each unit separately):

• Operating system: Parametrization, hardening, authentication mechanisms, parameterization of active protocols, protection of sensitive information during storage and transaction, mechanisms and protocols of encryption, reporting mechanisms of system actions etc.
• Data base: Parametrization, hardening, authentication mechanisms, protection of sensitive information during storage and transaction, mechanisms and protocols of encryption, reporting mechanisms of system actions etc.
• Individual systems (separately): Web servers, application server & web applications parametrization

8. Domain network check: network architecture, separation of network & communications, parametrization of routers, switches, firewalls, extra security mechanisms (IDS, IPS, Antivirus etc.), authentication and access mechanism
9. Secure parameterization check of virtual domain
10. End-point check: parameterization, security mechanisms, client applications
11. Mobile applications: function, communications, parameterization, rights, authentication mechanisms & access management check
12. Domain’s physical security check
13. Reporting mechanisms & access monitoring check, domain, danger alert & responding actions check

Received after the check: Evaluation report about the risks, in which will be included the following:

• List of the findings regarding the weaknesses and the vulnerabilities, in order depending on their cruciality
• Explanation and analysis of each finding
• Possible attack means and availability of factors for each weakness
• Consequences for the business and its services
• Penetration Testing results with evidences and analysis of each action of the solution
• Possible/available ways to deal with the findings
• Analysis of the architecture, consulting regarding the security increase of the domain

Cost (approximately): Depending on the case and the domain type

Suggested scenarios of Social Engineering Attack:

1^st scenario: Domain Spoofing / Phishing

• The IT Manager or a colleague sends an email asking for employees’ password, for a “fake” domain migration
• The mail can be from a fake “personal” email of a manager or partner, or from a similar domain name

2^nd scenario: Phishing Attack / Domain Replication

• A link is received by the users, in which the attackers are asking for their passwords on a fake site
• One of the most possible scenarios is the fact that a “strange” access detected and changing the password via the link is suggested
• In this way, the attackers gain access to the details of others account
• This mail, regarding the change of the password, could have been sent through a similar domain name

3^rd scenario: Ransomware Attack simulation with a document without malicious payload

• A Phishing email is received, which records how many, but not who, opened it and how many of them clicked on “enable macros”, resulting in opening a Ransomware file
• It is completely safe and we will not get access to
• We perform a “virtual” realistic malicious attack, without the cleanup level
• Possible scenarios: sales, mails from fake persona or journalist, leaked documents
• This mail could have been sent through a “personal” email of a colleague or similar domain name