Services

While our core business is to provide security audits, Scanit also provides consulting services, security training, security communications solutions and reselling of security software.

Scanit engineers are trained to perform all work in a bespoke manner, only using automated scanners to occasionally double check work. This together with the fact that Scanit is entirely vendor independent, we believe makes Scanit a worthy global audit partner.

Scanit has a core business surrounding the evaluation of IT systems from a security angle, ensuring that every step of an implementation follows correct procedures, policies and guidelines. Using the knowledge that is gained during these audit phases, Scanit transforms the know how into seminars and courses, also partnering with third party vendors to optimize the quality of the audit.

Scanit does not perform any implementations of IT systems, preferring to be purely in the field of audit. Scanit is also entirely product and vendor independent, meaning that customers are able to trust the recommendations of Scanit without fear of outside influence.

Penetration Testing

How secure is the information in your company? Are your employees security-aware? Is it easy for attackers to intercept, modify, or disrupt information streams within your organization?

A Scanit penetration test, checks all the data streams and information systems within your company. Applying a combination between an actual attacker approach and a formal procedure audit, we offer a unique service.

Serving more than a quarter of the corporations listed in the GCC Top 100, we have built up a reputation of being skilled, up-to-date, and adaptive to your needs.

To name just a few areas we cover:

ISMS Training Courses
Gap Analysis & Assesments for ISMS Certification Process

Let us break your security, and tell you how to fix it. Before the bad guys do…

For further information or assistance concerning these penetration tests, please feel free to contact Scanit using the contact page.

Architecture Review

Our vendor independent expertise can provide your company with a network architecture review. With the goal of improving your network security and performance, our highly reputable consultants can assess the utilization and placement of:

routers
switches
firewalls
intrusion detection systems
and, any other devices that are part of your network

Following this assessment, your configuration files will be analyzed to ensure that current best practices are applied.

Current architecture design and its possible shortcomings will be evaluated by Scanit consultants to assist you to get the most out of the network equipment in place.

Internal Audits

Most of the security incidents happen inside an organization. The importance of good network security is often underestimated by administrators, putting the integrity of confidential company information, at stake. Network security is not something you can see, yet the risks are real. Only when a breach or incident is discovered, do the results become visible. But what if you don’t discover it?

int Most security incidents can be prevented, but being able to identify them is a profession apart. Because Scanit Engineers are not part of your internal processes and expectations, we are able to provide an unbiased picture on the state of the security present within your organization:

Scan for and exploit the vulnerabilities on your network
Review the available security policies
Advise you on how to prevent the same issues from arising again
Providing you an overview of the vulnerabilities found

To give you a more detailed idea of what Scanit can do to assist your organization; give us a call to ask for more information or make an appointment for a presentation.

External Audits

Have your Internet facing servers ever been compromised? Are you sure that you would find out, if it was done in a sophisticated manner?

ext Internet services improve the ease of delivering services and information to your customers and may save in operating costs. While internal threats continue to impose the highest risk, external attacks often don’t go publicly unnoticed and may damage your image.

Even when your staff is security aware, it remains very time consuming to stay up to date with all the latest attack trends.

That is where Scanit Engineers can assist your organization by testing your Internet facing services:

Test if all services are offered following best practices
Find information you don’t want to publish to the outside world
Check what the weakest points in your security are
Assess the configuration of the servers hosting your services
Provide you with a clear report on how to fix the problems found

For more information on Scanit Services Portfolio, please contact Scanit.

Application Reviews

Web Applications are becoming more and more popular. Companies use them to communicate information to their customers and partners. They are easy to use, efficient and accessible with a few clicks. To achieve that developers often use constantly evolving web technologies. Which can create unsecure web applications.

Seemingly simple attacks may turn out to be very damaging and display valuable information to unidentified and unauthorised visitors. To prevent this from happening, we can assist you with application audits because at Scanit, we...

have the skills and mindset of real attackers
have many years experience in the secure usage of web technology
can take a look at your code before it goes online
focus at your site's security, and less on its functionality
advise your development team to avoid the problems we find, in the future
have built up our experience testing critical applications, like online banking applications

If you want to know more, please contact Scanit if you want additional information.

Awarness Programs

Technical solutions are limited in the level of security they can add to a corporate environment. Imagine the following situations:

A team installs a wireless network in their office without prior authorization. Since the setup is easily done, IT staff is not informed. As a result, the competitor on the next floor can access your company’s network, too…
Your IT Helpdesk receives a call from someone identified as a financial executive. She requests a new email password and without properly authenticating the caller, nor checking for failed login attempts, the helpdesk employee provides a new password…
A man appearing to be an employee of a document shredding company collects your paper trash, including all documents carefully set aside for destruction by the Research & Development department, and old backup tapes from the production environment…

Scanit offers security awareness training tailored to the different needs within your organisation. Because Scanit knows, why your employees play a key role in a sound and secure setup.

Investigations

Had bad experiences with companies or people that seemed trustworthy at first?

Hired someone who turned out to be a cat in a bag?

Doing business is not only about money, it’s also about trusting the right people. Sometimes it may be difficult to verify claimed track records as presented by customers, companies, or employees. Knowing who you are dealing with, may seem even more important these days, then in the past.

We can assist you with the following services:

Employee Background Checks & Pre – Employment Screening
Incident handling & Response
Digital Investigations
Data Analysis & Computer Assisted Audit Techniques
Integrity Due Diligence examinations of an individuals or entities

When in doubt about a company or a person, the results from our checks will provide you the facts that will help you making further decisions. Contact us for more information.

BSI ISMS Consultancy

Scanit is an ISO 17799 British Standards (BSI) Silver Associate Consultant BSI

Scanit has become an ISO 17799 Silver Associate Consultant of BSI. Scanit fulfills the ambitious requirements that BSI sets for companies that become a part of the Associate Consultancy Network.

As an ISO 17799 Associate Consultant SCANIT provides the following services:

ISMS Training Courses
Gap Analysis & Assesments for ISMS Certification Process

Security Health Check

The Scanit security health check is designed to meet the Internet security needs of medium-to-small businesses. We have put together a package that will cover the key components of your security needs. This package is offered at a fixed price of 5.000 USD.

In short, the security health check includes the testing of the following:

Firewall and/or proxy server configuration
Web server security
E-Mail security
Anti-virus
Workstation security

The tests will start with a penetration test performed by one of our skilled engineers. A penetration test is a simulated network attack. Think of it as a war game for the network and systems security staff. It is an excellent way to test the robustness of your security posture and to determine if your network defences are successful in detecting and deterring an attacker.

The next step is to analyse the design of the network and computer systems to identify any possible shortcomings:

Check if the firewall and/or proxy are configured and installed to deliver maximum security, not only from attacks from the outside, but also to ensure that your employees are not able to endanger your network by running potentially dangerous software (E.g. peer-to-peer software used to exchange MP3, movies and pirated software)
Security check of a sample of workstations. This will assure that workstations are well protected against viruses and other malicious software.
Verify that your e-mail servers are configured correctly so that they cannot be abused for spamming or the sending of fake/malicious e-mails.
Check the security of the web server.

At the end of the tests, Scanit deliver an audit report that describes all the tests that have been performed. The report, delivered in both hard copy as well as soft copy, will contain detailed information on the security related problems that have been found, as well as a comprehensive description on how to solve them. In addition a copy of all software tools used will be supplied. Scanit engineers are happy to be shadowed by client’s staff as we believe this helps to provide a full knowledge transfer.

Recruitment Services

The recruitment portal of Scanit was created to fill a much needed gap in the IT Security industry of the Middle East. The aim of this portal is to bring talented individuals from around the globe to help increase the levels of IT Security in line with both international and industry best practices, while at the same time filling the technical gaps.

The portal is currently advertised in key geographical locations where we believe the required talents can best be found, these areas include, South America, Iran and Eastern Europe. In each area Scanit has partnered with a local and trusted IT Security company which help in the recruitment process depending on the customers’ requirements.

"Scanit believes that through its in depth knowledge of the Middle East IT Security market, as well as it’s close relationships with key enterprises and local organizations, we are able to find suitable candidates to help increase the security level of the Middle East."

Packages:

Bronze Level Recruitment
Silver Level Recruitment
Gold Level Recruitment

For more information on each of the packages, please contact Scanit ME at recruitment@scanit.net or call +971 4 390 0796.