InfoSec Services
Thorium provides an array of Information Security audits, assessments, and other projects. If you desire a solution not listed here, we are happy to flesh out a custom project for your needs! Our experienced consultants have knowledge from every facet of Information Technology to guide your organization to a secure posture.
1. Internal Penetration Testing
Our team of expert ethical hackers uses the latest techniques to simulate real-world attacks and identify vulnerabilities in your systems. We will provide you with a detailed report of actionable recommendations to strengthen your defenses.
Our penetration tests simulate an attacker on the inside of your network. This could be either an attacker who is successful in breaching the perimeter through another method or a malicious insider. The goal of the consultant with this assessment is to identify any and all potential weaknesses in multiple areas including:
- Security misconfigurations
- Permissions weaknesses/gaps
- Hardware/Software vulnerabilities
- Use of outdated/insecure protocols
- Insufficient authentication controls
- End of life or unpatched systems
- Susceptibility to Man-In-The-Middle and Brute Force attacks
- Use of default credentials on management applications
- Multiple other threat areas
Upon completion of an internal penetration test, your organization will receive a detailed report of all findings, their corresponding risk, and detailed remediation recommendations for each item. After an internal penetration test has been performed and the remediation steps have been taken, your organization can feel confident that any potential weaknesses have been identified and eliminated, ensuring company and customer data is properly secured.
Thorium highly recommends conducting annual penetration testing, both externally and internally. New threats and vulnerabilities are discovered every day, and the cybersecurity landscape is fast evolving. If you’d like to utilize Thorium to further protect your company, clients, and assets, reach out to us today.
2. External Penetration Testing
An external penetration test simulates a sophisticated adversary by identifying potential vulnerabilities/weaknesses within your organization’s internet-facing systems and web applications. Thorium Information Security uses the latest tools and techniques to identify all potential issues so you can protect yourselves against ransomware and malicious actors.
The Thorium external penetration test/assessment includes the following tests:
- Searching for publicly available information online
- Retrieving public Domain Name Service (DNS) records
- Identifying the organization’s public IP address range
- Identifying systems/applications accessible over the Internet (banking, email, etc.)
- Conducting extensive port scans to identify services
- Enumerating running servers, workstations, services
- Conducting Simple Network Management Protocol (SNMP) scans
- Attempting to utilize remote access protocols
- Analyzing email servers (open relay, anonymous email, etc.)
- Analyzing web servers (default configuration, sample scripts, etc.)
- In-depth website and web application analysis
- Conducting vulnerability scans of systems and network devices
- Exploiting systems when possible, including brute-force attacks
- Evaluating test results and identifying false positives
These tests are conducted with minimal information provided by the organization. The idea is to simulate a “hacker” in the wild with no inside information about systems or technologies used. The end product of this engagement will be a full report outlining the tests performed, results of testing, along with remediation recommendations for any and all potential weaknesses identified.
An executive summary will be included that describes in layman’s terms what the weaknesses are, their underlying risk, and what should be done about them. A detailed testing matrix with analysis of data and specific recommended actions will also be contained within the report, including screenshots and demonstrations of successful exploits/attacks.
3. Risk Assessments
Whether it's for a specific compliance body (HIPAA, FFIEC, GLBA, etc.) or for your own information security program, Thorium performs in-depth risk assessments to identify gaps and provide guidance on securing your network (and keeping it that way). For example, Thorium's HIPAA risk assessment:
Conducting a HIPAA risk assessment is an important step in ensuring compliance with HIPAA regulations and protecting the privacy and security of PHI. A thorough risk assessment can identify potential vulnerabilities and risks within your organization and help you develop a plan to address them. Conducting a HIPAA Risk Assessment can be done internally, or by a qualified third party. The steps followed are:
Step 1: Review HIPAA Regulations
Before conducting a risk assessment, it's essential to understand the requirements set forth by HIPAA. Review the latest Privacy, Security, and Breach Notification Rules to ensure that you understand what is expected of your organization. 2022 saw changes to the HIPAA guidelines which should be reviewed.
Step 2: Identify PHI
Identify all of the places where PHI is collected, stored, and transmitted within your organization. This includes electronic PHI (ePHI) and paper PHI.
Step 3: Assess Current Security Measures
Assess the current security measures in place to protect PHI, including firewalls, intrusion detection systems, and encryption. Evaluate the effectiveness of these measures and identify any gaps or vulnerabilities.
Step 4: Conduct a Risk Analysis
Conduct a thorough risk analysis to identify potential threats, such as hacking, malware, and natural disasters, as well as vulnerabilities, such as weak passwords, unsecured networks, outdated systems/software, and lack of access controls.
Step 5: Identify and Prioritize Risks
Identify and prioritize the risks identified in the risk analysis. Consider the likelihood of a risk occurring, as well as the potential impact on your organization.
Step 6: Develop a Risk Management Plan
Develop a risk management plan to address the risks identified in the risk analysis. This plan should include measures to mitigate or eliminate risks, as well as incident response procedures in case of a breach.
Step 7: Implement and Monitor Security Measures
Implement the security measures outlined in the risk management plan and monitor them regularly to ensure that they are effective.
Step 8: Conduct Regular Risk Assessments
Conduct regular risk assessments to ensure that your organization remains compliant with HIPAA regulations and to identify any new risks that may arise.
It's important to note that conducting risk assessments is a continuous process; your security measures and policies should be regularly reviewed and updated to reflect the changes in technology, the organization, and the environment. Additionally, it is recommended to work with a certified professional or a cybersecurity consulting firm that specializes in HIPAA compliance to assist you in conducting the risk assessment and developing a comprehensive risk management plan, and ensuring no stone goes unturned.
At the conclusion of a HIPAA Risk Assessment, Thorium will assist in creating a comprehensive security plan, including incident response procedures and regular monitoring to ensure continued compliance. This service is targeted at healthcare providers, health plans, and their business associates that are bound by the HIPAA regulations to protect the privacy and security of patient health information (PHI).
4. Vulnerability Management
Thorium's comprehensive Vulnerability Management Program helps identify and manage vulnerabilities in your systems and networks on an ongoing basis to maintain the security of your systems and protect sensitive information. Please see our Vulnerability Management page for more information.
5. Virtual Environment Assessment
Thorium has a deep understanding of virtualized infrastructure. Whether it's VMware, KVM, Citrix, or Oracle, our team of engineers can analyze your virtual environment for security vulnerabilities, deployment missteps, misconfigurations, or non-adherence to best practices. We then develop a detailed report of expert recommendations to improve the security of your environment.
Thorium's virtual machine infrastructure assessment provides a crucial service in today's ever-evolving technological landscape. This assessment involves a comprehensive analysis of an organization's virtual machine infrastructure to identify potential vulnerabilities, threats, misconfigurations, and to ensure the use of industry best practices.
The virtual machine infrastructure assessment begins with a thorough review of the organization's existing virtual machine environment, including its configurations, policies, and procedures. Thorium's team of experts will examine your organization's virtual machines' security posture, identifying any weaknesses or misconfigurations that could lead to a breach or cyberattack. Thorium will consult each virtual environment vendor’s documentation on security best practices for stand up, hardening, and operation of their virtualization software, and compare these standards with your organization’s implementation.
The virtual machine infrastructure assessment will also examine the organization's virtual machine backup and recovery procedures, ensuring that the organization's data is protected and recoverable in the event of a disaster or cyber-attack.
Thorium's Virtual Environment assessment includes an analysis of the organization's virtual machine infrastructure's compliance with any applicable industry and regulatory standards, such as the Payment Card Industry Data Security Standard (PCI DSS) or the Health Insurance Portability and Accountability Act (HIPAA). This analysis will ensure that the organization's virtual machine infrastructure is meeting the required standards for the industry it operates in.
After the completion of this assessment, Thorium will provide a detailed report of findings and recommendations, providing the organization with actionable steps to improve its virtual machine infrastructure's security posture. This report will include a prioritized list of vulnerabilities and recommendations, allowing the organization to address the most critical security risks first.
6. Cloud Environment Analysis
Cloud environments offer numerous benefits, including flexibility, scalability, and cost savings. However, they also come with unique security challenges that require a comprehensive approach to protect sensitive data and maintain business continuity. Our Cloud Environment Security Audit is designed to provide a deep dive analysis of security settings, permissions, and other critical areas for popular cloud providers such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, and IBM Cloud.
Our team of experienced security professionals will conduct a thorough review of your cloud environment, identifying vulnerabilities and weaknesses that could leave you exposed to cyber attacks. The audit includes a comprehensive review of security policies, access controls, network configurations, encryption, and other critical areas to provide a holistic picture of your cloud security posture. Our experts use a combination of automated tools and manual testing to identify gaps in your security controls, which could leave you vulnerable to attack.
Once the audit is complete, we provide a detailed report with actionable recommendations to help you mitigate risks and safeguard your data. Our experts work closely with you to develop a customized plan to address identified issues, implementing best practices to enhance your security posture. Thorium believes that a proactive approach to cloud security is essential to protect your business from cyber threats. Our Cloud Environment Security Audit provides you with the insights and guidance needed to operate your cloud infrastructure with confidence, ensuring the highest level of security for your business. Don't let your cloud environment become a liability. Contact us today to schedule a Cloud Environment Security Audit and take the necessary steps to secure your business.
7. Active Directory Audit
An extensive evaluation of your organization’s Active Directory environment to identify any potential attack vectors or permissions issues within your network. Thorium uses the latest tools to investigate multiple different AD areas thoroughly and includes the following, and more:
- Identify potential attack vectors (e.g. escalations, lax groups)
- Find all user/group permissions issues
- Identify over-provisioning of server permissions
- Locate forgotten/test/rogue accounts
- Ensure “least-privilege” best practices are followed
With the proper permissions, Thorium will gather the necessary information, analyze the data, and create a detailed report laying out each potential problem area. For every possible issue, Thorium will develop a recommended remediation plan with details regarding what the issue is, why it’s considered a risk, and how to fix it.
An executive summary will be provided to show how the organization’s Active Directory environment fares in comparison to its peers, as well as bring any high-risk areas to the surface.
8. Custom Projects
If you're looking for something else, our team has expertise in nearly every facet of information security, and can tailor a custom project to fit your needs. Whether it's an ad-hoc analysis of your Google Workspace environment configuration, a thorough review of your VMware deployment & maintenance plan, or a full review of your Information Security policies, Thorium has you covered.

Get in Touch
Reach out to schedule a free consultation.