Services

Zelos provides a variety of cyber security services for individuals and businesses. These services are categorized into three main sections: Engineering, Analytics, and Architecture. Zelos’ services provide an in-depth report with the completion of every project. The navigation list categorizes the types of services Zelos offers, although If there is a service which is not on the list, we can accommodate your request.


Engineering

Executing solutions for an organization's information security strategy.

Analytics

Analytics determine digital assets to be protected from unauthorized access.

Architecture

Design, monitor, enforce user policies, protocols, and countermeasures.

Vulnerability Management

A vulnerability scan is a reconnaissance tool used on a computer server, network, or IP infrastructure. Vulnerability scanning defines, identifies, and classifies the security vulnerabilities. Vulnerability scanners will allow for both authenticated and unauthenticated scans to occur.

Authenticated scans

Directly access network based assets using remote administrative protocols such as secure shell (SSH) or remote desktop protocol (RDP) and authenticate using provided system credentials.

Unauthenticated scans

This method is used by security analyst to determine the security posture of externally accessible assets without SSH or RDP access.

Vulnerability Management report includes:
  • Host, IP, and Port scan
  • Information gathering of host
  • WHOIS lookup
  • Geo-location
  • Wordpress & Bloggers scan
  • DNS lookup
  • Port scanner
  • SubDomain scanner
  • Reverse IP lookup
  • IP crawler

Penetration Testing

A comprehensive vulnerability assessment includes many of the same processes as a penetration test. There is a major distinction in the results they provide. Web application penetration testing is done using more rigorous means: utilizing both automated tools and manual methods such as scripts and interactive tools and by following a proven methodology. During a penetration test, vulnerabilities are not only identified, but an attempt is made to exploit them. The methodology of a penetration test follows the process of reconnaissance, mapping, discovery and the subsequent exploitation of vulnerabilities.

Penetration Test report includes:
  • Executive Summary for Strategic Direction.
  • Walk through of Technical Risks.
  • Potential Impact of Vulnerability.
  • Multiple Vulnerability Remediation Options
  • Vulnerabilities found.
  • CVE List
  • Remediation for vulnerabilities
  • Hosts tested

Digital Forensics

Digital forensics is the process of uncovering and interpreting electronic data. The goal of the process is to preserve any evidence in its most original form while performing a structured investigation by collecting, identifying and validating the digital information for reconstructing past events.

Digital Forensics report includes:
  • Summary of Information
  • Tools used
  • Evidence Analyzed
  • Steps taken
  • Relevant findings
  • Summary of Evidence
  • Analysis of finding
  • Remediation recommendations

Incident Response

Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident, or security incident. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.

Incident Response report includes:
  • Type of Incident
  • Scope of Incident
  • Impact of Incident
  • Sensitivity of affected data
  • System affected
  • Data affected
  • User affected by incident
  • Time line of incident
  • Remediation of Incident

Network Security

Network Security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users and programs to perform their permitted critical functions within a secure environment.

Network Security report includes:
  • Host, IP, and Port scan
  • Information gathering of host
  • Whois lookup
  • Geo-location
  • DNS lookup
  • Port scanner
  • Vulnerability review
  • Reverse IP lookup

Server Hardening

Hackers often gain access to servers through unused ports. To limit entry points, server hardening includes blocking unused ports and protocols as well as disabling services that are not required. Server hardening involves identifying and remediating security vulnerabilities. Server hardening best practices can immediately reduce the risk of attackers compromising your critical systems and data.

Computer Security report includes:
  • Host Hardening
  • Areas Hardened
  • Policies & Setting Configuration
  • Best Practices
  • Feature & Role Configuration
  • Server Configuration
  • Logging & Monitoring Configuration
  • Remote Access Configuration
  • Update Configuration

Mobile Hardening

Mobile devices typically need to support multiple security objectives: confidentiality, integrity, and availability. To achieve these objectives, mobile devices should be secured against a variety of threats.

Mobile Security report includes:
  • Mobile Best Practices
  • Feature & Role Configuration
  • Server Configuration
  • Logging & Monitoring Configuration
  • Remote Access Configuration
  • Update Configuration
  • Areas Hardened
  • Policies & Setting Configuration

Wireless Security

Wireless scanning involves scanning any devices on the network. Ad-Hoc devices can be added to the machine scanning while wireless scanning allows for wireless router security.

Passive scans

Scans wireless packets slowly, and audits packets on the wireless network for information.

Active scans

Access points actively look for other devices, in addition to listening for them.

Wireless Security report includes:
  • Vulnerability Detection
  • Wireless Access Points
  • Wireless Detections
  • Control and Provisioning of Wireless Access Points (CAPWAP)
  • Wireless Configuration
  • Wireless Updating & Patching
  • Wireless Setup
  • Wireless Discovery

Education & Training

Confidentiality, integrity and availability, is a model designed to guide policies for information security within an organization. The elements of the triad are considered the three most crucial components of security. Confidentiality is a set of rules that limits access to information, integrity is the assurance that the information is trustworthy and accurate, and availability is a guarantee of reliable access to the information by authorized people.

Education & Training report includes:
  • In Depth Security topology
  • Custom Security lessons
  • Server security awareness

Cloud Security

Cloud security should identify where data is located as well as network architecture to meet the requirements of your needs.

Cloud Security report includes:
  • Cloud security patching
  • Cloud security configuration
  • Cloud security vulnerabilities
  • Cloud security policy management
  • Cloud security network
  • Cloud security logging & monitor
  • Cloud security risk management
  • Cloud security IAM management

Firewall

Firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and untrusted external network, such as the Internet.

Firewall report includes:
  • Traffic information
  • Inbound & Outbound Traffic
  • Virus detection
  • Geo-location Map View Report
  • Firewall configuration
  • Alert management
  • Anti Virus report
  • Remediation steps