A Security Review is a packaged 15 hour consulting arrangement, at a special price of AUD 2495 + GST (for 15 hours)
We can help you to mitigate specific threats, e.g. “I don’t want my email database stolen” or advise you on your current security status “am I susceptible to any of the OWASP Top 10 vulnerabilties?”. With our systems administration experience we can assess and harden servers from the outside; firewalls, HTTPS, remote access; through to the inside; logging, SE Linux, webserver and PHP permissions, Java environment, authentication, and IDS.
If you require an assessment against a compliance standard we can help. Security standards we are familiar with include PCI-DSS, ISM and OWASP AVAS though we are willing to service most other information security standards (they generally cover the same material).
We do the following:
- Discuss with you whether there are any particular current concerns you’d like us to investigate.
- Arrange remote access to your servers that are relevant to the scope of assessment.
- Take a look around on the servers, both on the OS level as well as the specific services such as MySQL, Apache/ Lighttpd / Nginx.
- We report back to you on our findings, and prioritise work. There might be improvements/changes that should be implemented immediately (within the initial review timeframe), and some that can be addressed later (additional ad-hoc work, or over time within a subscription arrangement).
- We do the urgent work, as agreed in the prior step and within the agreed timeframe/cost.
- We review the gains with you, and discuss future steps and arrangements.
I Want It
Security Review Rate and Terms
- A Security Review is capped at 15 hours by default, we do what we can within the budget you set.
- An emergency is NOT eligible for one of the packaged reviews. Emergency availability is not guaranteed for non-subscribers. You may come in as an urgent case, but we really don’t want you to stay that way. Emergencies are charged at the Unscheduled remote rate. See Open Query Pricing & Terms for current rates.
- We will invoice you after the initial review. You will pay promptly, or we may choose to not do further business with you. Yes, we do that, happy business relationships are important to us.