Menu

Security Testing

A threat representative approach to information security

Security testing is a process by which technical methods are used to identify findings that support the broader enterprise risk management program. Examples include regulatory-required testing, testing of new solutions, and validation of processes. A thorough security testing approach looks at vulnerabilities from several perspectives using a variety of different tools (developed in-house, open sourced or commercially licensed) that can respond to a wide range of organizational needs.

Benefits

RSM’s security testing is comprehensive and utilizes a threat representative approach. We stay aware of the latest attack vectors and model our assessments based on these attacks. The realm of cybersecurity is consistently evolving, and we consistently keep up with the latest changes.

Who needs this

Attackers are consistently finding new ways to exploit businesses’ vulnerabilities to compromise their assets and acquire sensitive information. Businesses that wish to assess where they stand against these attackers and also determine their ability to protect against cyberattacks would benefit greatly from RSM’s security testing services.

Detailed approach

RSM will work with you to identify key business objectives and suggest a testing approach to help you accomplish your goals. Examples of the types of security testing services we offer include:

  • Vulnerability assessments: Vulnerability assessments use a mostly automated approach to identify vulnerabilities in network assets.
  • Penetration testing: Penetration tests demonstrate how a malicious attacker might breach an organization, with the tests helping to prevent such an occurrence. Through penetration tests, RSM consultants will attempt to breach the organization by acting as an unauthorized user, with the ultimate goal of compromising your networks and data.
  • Red team assessments: This simulation uses the same basic approach included in penetration testing, except it is performed over a longer time period, with the main goal of being undetected by simulating attacks used by real-world adversaries. This type of testing aims to determine the effectiveness of an organization’s detective and incident response controls.
  • Application testing: Application testing identifies critical web application vulnerabilities that may be leveraged to either breach systems and applications, or gain access to sensitive data.
  • Social engineering testing: Social engineering testing assesses the security awareness of your employees through tactics that include email, phone and USB drops.
  • Wireless testing: This testing determines if wireless technologies present an unacceptable level of risk, including their configuration, hardening, usage and security of endpoints (e.g., laptops and mobile devices).
  • Database testing: Database testing provides penetration testing and security audits of databases, including MSSQL, Oracle and My SQL, with review of the database environment and associated documentation. While each security test uses different methodologies, the following is universal to all of them:

 

Subscribe to our newsletters

Subscribe


HOW CAN WE HELP YOU?

Contact us by phone +1.855.420.8473 or submit your questions, comments or proposal requests



Events

IN-PERSON EVENT

In-Person Events

We proudly sponsor and participate in events that provide innovative ideas and opportunities for you to improve and grow your business.

IN-PERSON EVENT

The Real Economy Breakfast Seminar

Join RSM’s breakfast seminar, where Joe Brusuelas and Alex Kotsopoulos will share economic insights for the Canadian middle market.

  • November 22, 2019

IN-PERSON EVENT

Fall Education Series: IFRS and ASPE annual update

Please join our Calgary office for our half-day breakfast seminar on December 3, 2019 highlighting financial reporting updates.

  • December 03, 2019

IN-PERSON EVENT

Fall Education Series: Tax Talk 2019

Please join our Calgary office for two interesting breakfast seminars in December highlighting tax updates and financial reporting updates. 

  • December 10, 2019