WHAT TO LOOK FOR IN A SECURITY AUDIT
Many businesses today are faced with some regulatory challenge—PCI, HIPAA, SOX, ISO, GPDR—which will require a third party security audit. Par3.IT has years of experience in both performing audits as well as remediating audits, and we can tell you that not all security audits are the same.
Do you know what to look for in a Security Audit? Here are some questions to ask your vendor:
Do scans and tests include Full subnet or just known hosts?
All ports or just well-known ones?
Black Hat or White Hat testing?
All devices or just PCs and servers?
Public IP’s verified? Scan the entire subnet?
Because not all audits are alike, some of the things you should look for in a Security Audit include: external and internal vulnerability scans, penetration test, physical security audit, social engineering test and risk assessment.