|
|
|
 |
|
If after reviewing these Frequently Asked Questions (FAQs) and other information throughout our site you still have unanswered questions and/or require additional information about one or more of the expert vulnerability assessment services and solutions we offer, contact a member of the RVASI team via email at info@rvasi.com or by phone at 402.350.8752. Select questions below to lean more about us & how we can help your organization get secure and stay secure:
Services
§ How does RVASI's vulnerability scanning & penetration testing services differ? § How long does it take RVASI to perform a vulnerability scan? § How long does it take RVASI to perform a penetration test? § Who performs the vulnerability assessment services offered by RVASI? § How is the cost of RVASI's vulnerability scanning services determined? § How is the cost of RVASI's penetration testing services determined? § What type of assessment tools does RVASI use to conduct testing? § What type of security and compliance issues does RVASI test for? Solutions
§ What are the main differences between RVASI's expert services and solutions? § Can my organization customize the solutions that RVASI offers? § How is the cost for the solutions that RVASI offers determined? § Does RVASI offer bundled solution packages at a discounted cost? General
§ How does RVASI differ from companies offering similar services/solutions? § How often should my organization be tested? § Which RVASI services or solutions are right for my organization? § Where does RVASI conduct their testing from? § What time of day does RVASI conduct their testing? § How will RVASI's testing affect my organization's systems? § Does RVASI fix the security or compliance issues identified? § What methods of payments does RVASI accept? § When is payment for RVASI services and/or solutions due? § Does RVASI offer any types of customer incentive programs?
Services
How does RVASI's vulnerability scanning & penetration testing services differ? Our in-depth and comprehensive vulnerability scanning services focus primarily on identifying vulnerabilities and compliance issues across a very large number of networks, systems, and Web application whereas our penetration test services have a much smaller focus. Both services are designed to positively identify security and compliance issues, provide easy to understand reporting, and present proven recommendations for resolving issues.
How long does it take RVASI to perform a vulnerability scan? Generally, it takes our team of Ethical Hackers five (5) business days to complete a comprehensive internal or external vulnerability scan of target networks, systems, and Web applications. In some cases, additional testing time may be required as a result of a customized vulnerability assessment scope. In those instances, our team will propose a timeframe and seek approval prior to the start of any testing. Upon completion, a preliminary findings repot is securely delivered to your organization for review, comment, and discussion.
How long does it take RVASI to perform a penetration test? Generally, it takes our team of Ethical Hackers five (5) business days to complete a comprehensive internal or external penetration test/vulnerability assessment against target networks, systems, and Web applications. In some cases additional testing time may be required as a result of a customized assessment scope. In those instances, our team will propose a timeframe and seek approval prior to the start of any testing. Upon completion, a preliminary findings repot is securely delivered to your organization for review, comment, and discussion.
Who performs the vulnerability assessment services offered by RVASI? All RVASI Vulnerability Assessments/Ethical Hacks are performed by our team of knowledgeable, experienced, and industry certified consultants. The team uses a documented and proprietary approach based on industry best practices that is frequently updated and guarantees consistency in identifying security/compliance issues frequently missed by other testers.
How is the cost of RVASI's vulnerability scanning services determined? RVASI charges a flat rate for its vulnerability scanning services that is primarily based on the number of networks, systems, and Web applications targeted for assessment. Our rates are extremely competitive and we offer organizations significant discounts for opting to utilize other RVASI services and solutions.
How is the cost of RVASI's penetration testing services determined? The cost for our Web application penetration testing services is determined chiefly by the complexity of the application and the number of security controls being tested. This determination is typically made as a result of discussions and information provided to our team during the pre-assessment interview process. Similar processes and procedures apply to the other types of penetration testing we perform. Our rates are extremely competitive and we offer organizations significant discounts for opting to utilize other RVASI services and solutions.
What type of assessment tools does RVASI use to conduct testing? Our consultants use a variety of proven commercial, open source, and internally developed tools to identify common & uncommon network, system, and Web application vulnerabilities. All tools undergo rigid testing prior to being incorporated into our vulnerability assessment-testing arsenal. We also frequently update our tools to ensure accurate results are obtained based on current threats, vulnerabilities, and compliance issues.
What type of security and compliance issues does RVASI test for? We will test target networks, systems, and Web applications for literally thousands of security issues and focus specifically on identifying all compliance issues (HIPPA, GLBA, Sarbanes-Oxley, etc.) applicable to your organization. When possible, we also test security controls, process, and procedures defined within you organizations' Information Security policy. This often provides organizations with a realistic picture of the effectiveness or ineffectiveness of their policies.
Solutions
What are the main differences between RVASI's expert services and solutions? Two primary differences between the services and solutions we offer are as follows: 1. Our solutions are designed to address a broader range of security issues or concerns whereas the services that we offer are more narrowly focused 2. We typically bundle/combine one or more services and solutions into packages designed to take a more comprehensive approach to addressing the security and compliance needs of an organization; our services on the other hand, are generally standalone and more focused
Can my organization customize the solutions that RVASI offers? Absolutely, and we encourage this! Our team clearly understands that each organization has specific security and compliance needs that cannot always be fully addressed and/or met via a pre-packaged solution. This being the case, our team of expert consultants help guide organizations in putting together one or more customized solutions which targets their specific needs. Whether your organization has a solid security policy that just needs to be updated, a recently deployed Web application they requires testing, or you would like members of your security/IT staff trained in the latest Ethical Hacking techniques, we can help. RVASI strongly believes in taking a comprehensive and security in depth approach to helping organizations.
How is the cost for the solutions that RVASI offers determined? The cost is primarily based on which RVASI solutions your organization chooses to make use of. RVASI will assist your organization during the selection process and help your organization find a solution that is affordable while meeting security & compliance needs/requirements. Our rates are extremely competitive and we offer significant discounts to organizations choosing to utilize two or more of the solutions we offer.
Does RVASI offer bundled solution packages at a discounted cost? We offer packages at discounted rates and can help organizations save thousands without having to sacrifice quality. The unique structure of our company and subsequent operating policies, processes, & procedures allow us to accomplish this very easily.y.
General
How does RVASI differ from companies offering similar services/solutions? We set ourselves apart from the rest by focusing the majority of its time, efforts, and resources on delivering high quality/detail-oriented services and solutions at an affordable cost. Also, the unique structure of our company provides us with access to information, resources, and global connections that far surpass many of our competitors. With RVASI, you get nothing less then the best. How often should my organization be tested? As a general rule, your organization should conduct testing on a regular basis in order to ensure the desired security posture is being met or exceeded. Our team can assist your organization with determining specific testing schedules based on the level of risk, environment, accessibility, compliance requirements, industry practices, and more. Which RVASI services or solutions are right for my organization? Our team helps organizations determine which of our services or solutions are right by using multiple tools and techniques such as in-depth interviews with key personnel, conducting comprehensive risk/vulnerability assessments, by evaluating how your organization is meeting or failing to meet governing compliance requirements, and more. The team at RVASI will do their best with guiding your organization during the decision making process. Where does RVASI conduct their testing from? All of the remote/external testing that we do originates from Internet Points of Presence (IPP) assigned and/or belonging to RVASI. Organizations utilizing any one of our vulnerability assessment testing services receive specific information regarding our testing source address (IP) from which all RVASI testing activities will originate. What time of day does RVASI conduct their testing? We conduct our testing only during agreed upon timeframes and allow organizations the flexibility to choose which times work best for them. Over the years, we have conducted our testing without impacting production networks, systems, and Web applications during both peak and off-hour windows. RVASI offers a lot of flexibility in this area in order to accommodate the various needs and/or requirements of different types of organizations. There is no additional cost associated with having us perform our testing during off-hours so tell us what works best for you.
How will RVASI's testing affect my organization's systems? Our team uses proven tools and techniques that have never adversely affected networks, systems, or Web applications being tested. Furthermore, we use a variety of techniques that allow us to monitor the "health" of target systems throughout our testing cycles. Does RVASI fix the security or compliance issues identified? Our team does not fix security or compliance issues identified during vulnerability assessments however, we do provide expert lab & field tested recommendations for addressing these issues which are based on knowledge, experience, and industry best practices. In addition, RVASI consultants will work directly with those responsible for the development, maintenance, or administration of tested systems and assist wherever possible with resolving issues via conference calls, the provision of documentation, and lab testing. Our team has been instrumental throughout the years with helping organizations around the world to remediate or mitigate security or compliance issues discovered.
At this time, we accept the following payment options in US currency:
When is payment for RVASI services and/or solutions due? RVASI invoices organizations after successfully completing all objectives and stipulations specified and agreed upon within the Statement of Work (SOW). Unless otherwise agreed too, payment is due 30-days after receipt of the invoice.
Does RVASI offer any types of customer incentive programs?
Your business is extremely important to us
and we firmly believe in rewarding all of our loyal customers! Generally,
we do this by way of offering your organization exceptional discounts on
RVASI services and solutions and by granting individuals within your
organization free access to a myriad of valuable security related resources
that we offer. We also listen to you, our valued customer, and take into
account the type of rewards/incentives that that would most beneficial to
your organization. To find out more about our program, contact a
representative at RVASI. |
|
© Copyright 2005, RVASI, All Rights Reserved.
|