You will get a NIST SP-800 115 External Penetration Test of your Organization or Website
Michael S.
You will get a NIST SP-800 115 External Penetration Test of your Organization or Website
Michael S.
- Delivery Time 45 days
45 days
delivery —
Nov 3, 2024
Revisions may occur after this date.
Upwork Payment Protection
Fund the project upfront. Michael gets paid once you are satisfied with the work.
Project details
Penetration Testing
Methodology
Based on the globally recognized NIST SP-800 115 standard for information security testing, this exercise will identify weaknesses, vulnerabilities, and exploits in information systems, networks, and applications.
The objectives of this initiative are as follows:
• Reduce organizational risk. Penetration testing will identify vulnerabilities and exploits in your information technology assets. Testing analyzes operating systems, applications, and services for means that a malicious attacker may exploit to gain access to your critical systems, and data.
• Test your security effectiveness. Cybersecurity Analysts will work with your team to evaluate effectiveness of your defensive controls.
• Prioritize remediation actions based on real-world attack potential.
Regulatory Compliance
This service complies with the following regulations:
• HIPAA §164.308(a)(1)(ii) (A)
• PCI Requirement 11.3.1 & 11.3.2
• DFARS / NIST SP800-171 Requirement 3.12.1
• Gramm-Leach-Bliley Act §501(b)
• New York State Department of Financial Services 23 NYCRR 500 §500.05(a)(1)
• Federal Trade Commission 16 CFR Part 314 §314.4
Methodology
Based on the globally recognized NIST SP-800 115 standard for information security testing, this exercise will identify weaknesses, vulnerabilities, and exploits in information systems, networks, and applications.
The objectives of this initiative are as follows:
• Reduce organizational risk. Penetration testing will identify vulnerabilities and exploits in your information technology assets. Testing analyzes operating systems, applications, and services for means that a malicious attacker may exploit to gain access to your critical systems, and data.
• Test your security effectiveness. Cybersecurity Analysts will work with your team to evaluate effectiveness of your defensive controls.
• Prioritize remediation actions based on real-world attack potential.
Regulatory Compliance
This service complies with the following regulations:
• HIPAA §164.308(a)(1)(ii) (A)
• PCI Requirement 11.3.1 & 11.3.2
• DFARS / NIST SP800-171 Requirement 3.12.1
• Gramm-Leach-Bliley Act §501(b)
• New York State Department of Financial Services 23 NYCRR 500 §500.05(a)(1)
• Federal Trade Commission 16 CFR Part 314 §314.4
Cybersecurity Expertise
Audit, Risk Assessment, Gap AnalysisTechnology Type
IaaS, Computer Network, SaaS, Web ApplicationCybersecurity Regulation
PCI DSS$8,000
- Delivery Time 45 days
Frequently asked questions
About Michael
Cybersecurity Expert | Series A, Series B Growth Advisory
New York City, United States - 6:14 am local time
Strategic:
- Cybersecurity Audits (Internal Pen Testing, External Pen Testing)
- 24x7x365 Phone and E-Mail Helpdesk services (Traditional Managed Service Provider (MSP) Offerings)
- Augmented IT Operations for Existing Heads of / Directors of IT (HelpDesk Services, SOC/NOC)
Tactical:
- SharpSpring Marketing Automation
- Freshdesk Expert
- eCommerce (Shopify etc.) Storefront Expert
- Atlassian Confluence Expert
- IT Glue Expert
- PipeDrive Expert
- New WAN Networking (Partners with over 250 Internet providers in North America, including Verizon, Spectrum, Pilot, and many others)
- LAN Networking (Managed Wi-Fi services, NetGear Expert, Cisco Networking)
Steps for completing your project
After purchasing the project, send requirements so Michael can start the project.
Delivery time starts when Michael receives requirements from you.
Michael works on your project following the steps below.
Revisions may occur after the delivery date.
Project Kickoff
Your engagement will start with a project kick-off meeting. During this meeting, a security analyst will review and establish the rules of engagement for the testing. These rules outline parameters for the analysts performing the test.
Reconnaissance
The goal of reconnaissance is to find areas of weakness within the tested environment. The Cybersecurity Analyst(s) will attempt to exploit these weaknesses in the next project phase.