
Information Security Diagnostic

Combines network, endpoint, server, GCB, and database security reviews to meet compliance, deliver actionable guidance, and strengthen both technical and administrative defenses.

1. Network Architecture Review
Evaluates network diagrams for security design, redundancy, access control, device management, and placement, detailing risk levels, impact, and specific remediation guidance.

2. Malicious Activity Analysis
Packet Capture & Analysis: Captures packets at strategic points for at least 6 hours to identify abnormal outbound traffic or DNS queries and match them against known malicious IPs or C&Cs. Flagged items require usage verification.
Log Analysis: Reviews firewall and IDS/IPS logs (covering ~1 month or 100MB) to detect unusual external connections, with follow-up validation on flagged devices.

3. Endpoint Threat Review
- Malware & Account Checks: Inspects PCs for active or dormant malware, hacker tools, and suspicious accounts or groups.
- System & App Updates: Reviews Microsoft OS and application patch levels (Office, Adobe, Java), ensuring unsupported software is identified and recommended for removal.
- Antivirus Posture: Verifies installation, update status, and regular scans of antivirus solutions.

4. Server Threat Review
- Malware & Account Checks: Inspects servers for active or hidden malware, hacker tools, and suspicious accounts or groups.
- System & App Updates: Reviews OS and application patch levels (Office, Adobe, Java), flags unsupported or unsuitable systems, and recommends decommissioning where needed.
- Antivirus Posture: Verifies installation, update health, and routine scans of server antivirus solutions.

5. Directory Server Configuration Review
Assesses AD server configurations against Taiwan’s GCB standards to verify compliance with secure baseline practices.

6. Firewall Rule Assessment
Reviews firewall rules (external to internal, internal to external, internal to internal) to ensure proper source/destination IP and port controls, with checks for risky defaults like “Permit All/Any” or “Deny All/Any.”

7. GCB Compliance Review
Workstation Configuration: Evaluates end-user OS settings against Taiwan’s GCB standards to confirm secure configurations.
Server Configuration: Similarly reviews server OS settings per GCB guidelines to ensure compliance with mandated security baselines.
Browser Configuration Review: Checks browser security settings against GCB standards to verify compliant configurations.
Network Device Configuration Review: Assesses network equipment settings per GCB guidelines to ensure secure baselines.
Application Configuration Review: Reviews application settings following GCB requirements to confirm organizational compliance.

8. Database Security Review
Focuses on databases owned or managed by the organization, assessing seven key areas: privileged account management, data encryption, access authorization, audit logs, outsourced management, backup protection, and vulnerability handling. Through interviews and on-site checks, it evaluates compliance, security strength, and implementation, delivering expert recommendations across 30 assessment items.