Our services aim to make vulnerability scanning and attack surface management as simple as possible, without any shortcuts. Here is a brief guide to what we offer at TrustedSite Security.
Attack Surface Discovery
TrustedSite's Discovery service helps you find your internet-facing assets, regardless of platform, network or operating system, and create a map of your cloud attack surface. Your map is continuously monitored for potentially vulnerable services, open ports and server configuration inconsistencies. When issues are discovered, you’ll be alerted immediately, and our proprietary categorization algorithm will help you prioritize what to fix first.
Firewall Monitoring shows you what's going on with every website or IP address in your arsenal, giving you insight into firewall configuration issues and weaknesses. We continually assess risk at the firewall level, and monitor for exposed ports and services and firewall configuration changes. If we discover unauthorized changes or identify anomalies, you’ll receive an alert immediately.
Website Monitoring helps you discover and monitor the risk of certificates, cookies, third-party integrations, and HTTP security headers and policies, forms, links, meta tags, and traffic.
Server Scanning detects server weaknesses and vulnerabilities, missing security patches, and out-of-date software in your web services, web frameworks, and operating systems.
Application Scanning utilizes dynamic application testing, injection testing, and testing for OWASP top 10 issues to identify coding flaws and security weaknesses on your websites that could be used to exploit your business. This service should be used on any websites or applications with a custom user experience.
If your business processes, transmits, or stores credit or debit card information you are required to comply with the PCI's Data Security Standard (PCI DSS). As an Approved Scanning Vendor, TrustedSite’s Compliance Reporting service helps you obtain PCI scan compliance in the quickest and most efficient way possible.
Some security issues simply can’t be detected through automation, so our team of experts provides additional professional services to fill in those gaps.
Compliance, Network, and Application Penetration Testing services are offered to identify potential issues that automated scanning can’t find on your most valuable assets. Our experienced pentesters will identify issues like chained exploits and business logic flaws.
We offer expert Security Reviews to help you assess your overall attack surface security strategy.