Orca Group has a full line of services dedicated to web application security, HITECH compliance, PCI compliance, HIPAA compliance, and custom security consulting services
Our Services:
A single successful penetration by a malicious hacker can result in compromising an entire organization’s confidentiality, integrity, and availability (“CIA”). Orca Group’ s research driven penetration testing & vulnerability assessment services help to prevent such a compromise by testing at realistic levels of threat.
Understanding real-world risks
OrcaGroup conducts penetration tests from inside and outside of your network to identify risks and help you to prioritize remediation. Types of penetration tests include:
- Internal and external network penetration test
- Web and mobile application penetration test
- Wireless penetration test
- Social engineering security testing (physical and electronic)
Penetration testing services
External network penetration testing
Penetration testing for Internet-accessible devices or internet of things (“IOT”) along with services such as web servers, firewalls, routers, DNS, and remote access etc.
Internal network penetration testing
Penetration testing for internal servers, firewalls, routers, switches, email, and DNS services.
Wireless network penetration testing
Penetration testing for wireless infrastructure, including access points, controllers, firewalls etc.
Application security testing services
OrcaGroup’s comprehensive Web Application Security Testing covers the classes of vulnerabilities in the 2013 Top 10 Open Web Application Security Project (OWASP) and are listed below for easy reference:
- Malicious Code Injection
- Cross-Site Scripting (XSS)
- Broken Authentication and Session Management
- Insecure Direct Object Reference
- Cross-Site Request Forgery (CSRF)
- Security Misconfiguration
- Insecure Cryptographic Storage
- Failure to Restrict URL Access
- Insufficient Transport Layer Protection
- Invalidated Redirects and Forwards
- SQL Injection
- Man in the Middle Attack
The primary goals of Web Application Security Testing:
- Provide management with an understanding of risk levels introduced by the web application.
- Provide recommendations and details to facilitate a cost-effective and targeted mitigation approach.
- Create a basis for future decisions regarding information security strategy and resource allocation.
Other Services
- SSL report
- TCP fingerprinting
- WHOIS
- Tracerout
PANscan Lite is a free system scan that checks for unencrypted payment card data. PANscan Lite requires no technical knowledge, is designed for all users, and provides general summary results.
Total number of unique cards found
Number of files containing card data
Technical support
Supported operating systems: Windows Server® 2003, Windows Server® 2008, Windows® XP, Windows Vista®, Windows® 7, Ubuntu 10, Mint 9, CentOS 5. Other Linux distributions are available upon request.
