Continual assurance of security controls - both technical and procedural - are critical
to ensuring your business resilience remains current to the changing threat
landscape. MyEmpire provides a range of audit and assessment services to provide
Continual assurance of security controls - both technical and procedural - are critical to ensuring your business resilience remains current to the changing threat landscape. MyEmpire provides a range of audit and assessment services to provide that assurance.
With the expansion of regulatory requirements across many industry sectors, independent reviews of an organisation’s security posture are growing in importance. While gap assessments and health checks provide management with an understanding of current posture, external stakeholders often require greater levels of assurance. Audits are also critical for maintaining compliance with certifications such as ISO27001.
MyEmpire’s audit services expand upon our gap assessment methodologies and include detailed analysis of the design effectiveness of key controls (i.e., ensuring controls are designed to achieve security outcomes), and operating effectiveness (i.e., how well controls designed have been implemented).
Audit services include:
- ISO27001 Internal audit
- NIST CSF
- ACSC Essential 8
- APRA CPS-234
On-going monitoring of threats and vulnerabilities is an important operational security function. Vulnerability assessments support the secure management of technology, ensuring changes and maintenance practices do not negatively impact the security of your environment.
MyEmpire’s technical security specialists leverage offensive security capabilities to undertake the following services to identify weaknesses within your systems and areas to uplift technical security controls:
- Network and infrastructure vulnerability assessments
- Implementing vulnerability management solutions
- Vulnerability management as-a-service.
A robust security program must validate the effectiveness of the security controls being used to protect systems. MyEmpire helps organisations test their defences, validate the effectiveness of their security program and meet industry regulatory requirements.
MyEmpire’s penetration testing methodology is derived from a combination of information security guidelines and recognised penetration testing methodology standards from sources such as OSSTMM and OWASP.
Our offensive security engagements include:
Standard Security Testing Services
- Web Application/API Testing
- Enterprise/Infrastructure Penetration Testing
- Social Engineering/Phishing
- Mobile Testing.
Targeted Testing Services
- Red/Purple Team Engagements
- Assumed Breach Testing
- Foreign Interference Simulation
- ICS Testing
- Wireless Testing
- Pre-emptive Threat Intelligence Assessment
- Adversary Emulation.