Our services aim to make vulnerability scanning and attack surface management as simple as possible, without any shortcuts. Here is a brief guide to what we offer at Halo Security.
Attack Surface Discovery
Halo Security's Discovery service helps you find your internet-facing assets, regardless of platform, network, or operating system, and create a map of your cloud attack surface. Your map is continuously monitored for potentially vulnerable services, open ports and server configuration inconsistencies. When issues are discovered, you’ll be alerted immediately, and our proprietary categorization algorithm will help you prioritize what to fix first.
Firewall Monitoring shows you what's going on with every website or IP address in your arsenal, giving you insight into firewall configuration issues and weaknesses. We continually assess risk at the firewall level and monitor for exposed ports and services and firewall configuration changes. If we discover unauthorized changes or identify anomalies, you’ll receive an alert immediately.
Website Monitoring helps you discover and monitor the risk of certificates, cookies, third-party integrations, HTTP security headers and policies, forms, links, meta tags, and traffic.
Technology Monitoring provides an overview of the Technology discovered across your attack surface and the instances of each. Obsolete technology should be prioritized for upgrade or patch to reduce the risk level across your attack surface.
Server Scanning detects server weaknesses and vulnerabilities, missing security patches, and out-of-date software in your web services, web frameworks, and operating systems.
Application Scanning (DAST)
Application Scanning utilizes dynamic application testing, injection testing, and testing for OWASP top 10 issues to identify coding flaws and security weaknesses on your websites that could be used to exploit your business. This service should be used on any websites or applications with a custom user experience.
If your business processes, transmits, or stores credit or debit card information you are required to comply with the PCI's Data Security Standard (PCI DSS). As an Approved Scanning Vendor, Halo Security’s Compliance Reporting service helps you obtain PCI scan compliance in the quickest and most efficient way possible.
Some security issues simply can’t be detected through automation, so our team of experts provides additional professional services to fill in those gaps.
Compliance, Network, and Application Penetration Testing services are offered to identify potential issues that automated scanning can’t find on your most valuable assets. Our experienced pentesters will identify issues like chained exploits and business logic flaws.
We offer expert Security Reviews to help you assess your overall attack surface security strategy.
Third-party integrations allow you to quickly add features and tools that can help increase productivity and data consistency. Work with our team of engineers to ensure your commonly used 3rd party apps are connected with Halo Security.