architecture services

Security Architecture

Verbigena specialises in assisting organisations to maximise the value of their security investment by developing security architecture standards and frameworks which will drive the selection of technology architecture and processes. Without an alignment with business objectives, technology investment will be unable address the evolving business and compliance requirement.

We produce strategically aligned artefacts, design solutions and offer guidance to facilitate delivery of business services. Our security architecture and design aptitude covers various domains, this include

  • Application Security
  • Compliance Security
  • Identity and Access Management
  • Information Privacy
  • Infrastructure Security domain
  • Business Impact Assessment
  • People and process security requirement

We assist our clients to develop IT security strategy, framework design, blueprints, logical patterns, technology patterns and IT security standards

Verbigena partners have track record of successful delivery of enterprise security solutions in large organisations including   financial institution, government and healthcare sectors. We have adopted industry recognised architectural framework such as TOGAF, SABSA and Zachman. We have the skill to adapt these frameworks to define your baseline architecture and your future security needs in line with your business objectives.

Security Consultancy Services

Verbigena consulting offers the widest portfolio of information security services in the industry with expert knowledge gained through extensive experience delivering security solutions to companies in a range of industry sectors. Because every customer is unique, each of our services can be tailored to meet a range of business requirements.  We will operate in the capacity of Information Security Subject Matter Expert (SME) for both the technical and business stakeholders.

Hundreds of projects of varying complexities have been successfully delivered through our security consultancy services; majority of our clients are FTSE100 companies.

Our current portfolio of security consultancy services includes:

  • Production of contract security schedule
  • Supplier (3rd Party) Security Assessment
  • Development Security Design Documents
  • Managed Security Services
  • Security Programme Implementation
  • Security Awareness Training
  • Security Audit

Vulnerability Assessment and Penetration Testing

The internet has its benefit and downside. It created globalisation, flexibility and ease however it also creates a channel for the criminals and fraudsters to steal, damage or corrupt the data which is very crucial to your business continuity and viability. We all prefer to do business online and as a result provide information that are confidential to us, such as, credit cards numbers, medical record, authentication data and other personally identifiable data.  Consumer confidence is eroded daily from the plethora of news in the media about internet hacking, website and data compromise.  This is the case because attackers are aware of the valuable information accessible through the web and make every effort to obtain it maliciously or by exploiting vulnerability in the application or business environment.

Verbigena highly skilled team of security experts can undertake internal vulnerability assessment of your business environment to identify where vulnerabilities exist in your existing technologies and business processes. Our experts adopt a technical and non-technical approach to complete the vulnerability assessment exercise. The output of the assessment is a report which includes vulnerability type, severity level, technical explanations and remediation instructions.

Verbigena team of security experts also conducts a penetration testing of application and infrastructure components within your organisation. Penetration testing activity builds on the vulnerability assessment exercise by attempting to manually exploit the identified vulnerabilities in a similar way internet criminals would have exploited the vulnerabilities.

Some of the vulnerability areas in scope are:

  • Parameter Injection
  • SQL Injection
  • Cross Site Scripting
  • Parameter Overflow
  • Character Encoding
  • Brute Force Authentication
  • ..and many more

Bespoke Assessments include:

  • Web and Application Security Assessment
  • Network Security Assessment
  • Internal Network Audit
  • Wireless Security Assessment

Network Security Assessments include:

  • Firewall Assessment and Audit
  • Intrusion Detection and Prevention configuration review
  • Routers, switches and other network device assessment
  • Windows server configuration assessment and auditing
  • Microsoft Active Directory assessment, relating to GPO and other settings
  • Unix-based server assessment and auditing (including Linux, Solaris, Tru64 and others)
  • 11 wireless security assessment tasks; identifying networks and attacking them.