Security Assessment

One World Labs conducts data collection activities and associated tests in accordance with industry best practices, including those defined by the Open Source Security Testing Methodology.  Test results are compared to industry IT security standards published by the Federal Financial Institutions Examination Council’s (FFIEC), the National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO) and Control Objectives for Information.


Assessment teams are able to conduct system level tests or simulated attacks to determine the operating effectives of the controls. Systems included in the test samples are further defined in coordination with the client at the time of engagement as well as throughout the assessment.


Digital Footprint

  • An external, unobtrusive assessment to identify and profile a company’s employees, network, resources, partner relationships, and applications, using publicly available resources.


Network Penetration (Wired and Wireless)

  • An external assessment conducted as a malicious individual to attempt to exploit system and network vulnerabilities with the goal of obtaining sensitive information.
  • An internal assessment conducted as a trusted general company employee to attempt to exploit system and local access vulnerabilities with the goal of obtaining sensitive information.


Application Penetration

  • An external application assessment conducted as a malicious individual to attempt to exploit application vulnerabilities and weaknesses and gain unauthorized access to sensitive information.
  • A comparative analysis of the application access permissions is also conducted.
  • An internal application assessment conducted as a trusted general company employee to attempt to exploit application and local access vulnerabilities and weaknesses and gain unauthorized access to sensitive information.


Social Engineering

  • Assessments can also be scoped with the client and can include location visits, un-authorized access or other forms/activities.
  • Validation of employee security policies, compliance and other areas can be scoped and tested.


Physical Assessment

  • A walk through the physical building to assess the controls in place.
  • Evaluate the location and effectiveness of monitoring devices and controls.
  • Waste document assessment within the proximity of the building.

303-376-6265

Copyright © 2011. All Rights Reserved.

Created by (in)Spire Graphics