Services
Making sure your company is safe in an online and increasingly connected world can be a challenge. Where do you start? What risks are most important for your organization
to protect against? Cascadia Information Security can not only provide the services
you need to keep your information safe, but we'll help you figure out where to start and what services would be beneficial to your organization.
At Cascadia Information Security, we know that not all organizations can afford security services from large consulting companies or to retain their own security personnel.
That's why it's our mission to keep our services flexible and affordable to be accessible to all different types of organizations. We believe in providing long term results,
and will work closely with your team to provide follow up engagements, and to track the security improvements your organization makes.
We offer comprehensive consultations and a host of services and will help you understand the goal and results every step of the way
- Vulnerability scanning - What does your external permiter look like? Using a combination of custom in-house and industry standard tools, we can tell you exactly how inviting (or not) your organization looks from the outside.
- Security Consulting - Maybe you already have a report from us, or someone else. Maybe you don't know where to begin. We will work with you to provide recommendations for network design, authentication and authorizations, secret and identity management, and help you build the secure, reliable network your organization needs.
- External Network Penetration Testing - You've seen the vulnerabilities, now how hard is it to get in? External penetration tests build on the vulnerability scan to provide in depth reporting on the exploitability of your organization. We'll tell you how we got in, and give you recommendations on what to fix.
- Internal Penetration Testing - What happens once the bad guys get in? Either as a separate service, or as part of an external penetration test, we will show you all the information an attacker can gather from your network, and how they may be able to get it out.
- Web Application Penetration Testing - Web Applications can be tested on a standalone basis. Make sure that your web application isn't letting attackers in, or leaking information to unauthorized parties. We look for security issues caused by programming errors, misconfigurations, and unexpected user behavior.
- Full Spectrum Wireless Security Audits - We will examine your wireless environment, and detect rogue access points and assess overall wireless security. More than just wifi, we can evaluate the security of bluetooth devices, as well as RFID, NFC, and other more custom RF protocols.
- Mobile Application Security Audits - We will examine the security of your mobile application, either as a white box assessment or black box assessment. This assessment includes application vulnerabilities, API security, and on-device information storage.
- OSINT/Reconnaissance - Information gathering is the first step of any attack, and is the key to successful social engineering attacks. With this service, we will cast a wide net, and find all the publicly available information about your organization, that could be used by attackers. We will also provide guidance on how to limit the amount of information available to potential attackers.
If you have any questions about our services, please do not hesitate to contact us for more information!
