SERVICES
McDowell Associates has a proven methodology and experience in performing the following types of security consultanting engagements.
![](https://static.wixstatic.com/media/41d000_6450bf2f3c5b5ddb008a6b642ec81e45.png/v1/fill/w_82,h_57,al_c,q_85,enc_auto/41d000_6450bf2f3c5b5ddb008a6b642ec81e45.png)
Penetration Testing
Web Application - reviews the logic structure, code, methods of access and authentication mechanisms of your web-based applications. Testing for SQL injection, Cross-Site Scripting (XSS) and many other web application attack vectors.
Network - provides external and internal vulnerability and penetration assessments, VPN vulnerability and penetration tests and an analysis of VoIP within your environment.
Wireless - identifies weaknesses and vulnerabilities specific to your wireless infrastructure.
System Hardening - tests for the hardening configuration of the operating systems in use within your environment.
Mobile & Laptop - tests for the hardening configuration of the laptop hardware, encryption and operating system in case of loss or theft.
Social Engineering / Physical Security - tests for unauthorized access into your companies buildings and networks or systems via various methods.
War Dialing - identifies unauthorized modems that provide access to your network and then attempts to exploit your network through illicit devices.
![](https://static.wixstatic.com/media/41d000_f2e0678d7bb82b1be25c72c81e8193ba.png/v1/fill/w_58,h_60,al_c,q_85,enc_auto/41d000_f2e0678d7bb82b1be25c72c81e8193ba.png)
Network Security Monitoring
Detecting and responding to unknown malware attacks within the enterprise network may be a necessary capability for organizations with demanding security requirements, but it’s also a major
workload for Security Operations Center (SOC) personnel. McDowell Associates increases analyst productivity and accelerates time-to-response by automating threat detection, analysis, protection, and remediation. Integration via APIs to provide automated signature creation and distribution to Firewall and AV solutions.
![](https://static.wixstatic.com/media/41d000_ca53b89ccebb87afa01a19633a17899d.png/v1/fill/w_58,h_60,al_c,q_85,enc_auto/41d000_ca53b89ccebb87afa01a19633a17899d.png)
RESULTS
A face-to-face presentation of findings and recommendations (where applicable).
An executive summary that examines the overall assessment process and results including highlights of specific high priority vulnerabilities and findings.
A management summary that groups, categorizes, and ranks vulnerabilities by severity level, as well as recommends mitigation techniques and time/resource requirements.
Technical reports which include detailed processes and/or findings from each phase of the assessment. This report includes technical mitigation recommendations, technical process improvements and recommendations on proactive mitigation strategies, depending on the situation.