Services
Altal's certification services are based on the vast expertise of its personnel who bring different perspectives to the field of telecom information security (ie: national defense perspective, an attacker's point of view). Based on known network breaches, Altal developed a stringent and efficient proprietary method to handle threats on national networks infrastructure, for both operators and manufacturers.
Altal offers three main lines of services:
1. Network Equipment Clearance, eva luation and Certification Network Clearance for Operators
Altal specializes in security accreditation for Telecom Service Providers. Altal's auditing methodology and procedure for telecom core equipment (hardware and software) is currently being considered to be implemented as part of national regulations. Altal's methodology was also adjusted to comply with international standards and for customers to benefit from worldwide recognition.
Equipment Certification for Network Equipment Vendors
Altal also provides unique services to pre-certify network equipment for on site locations (vendors' facilities) before live network implementation. The certification process includes common procedures accordance to known standards and is adjusted in some cases to be stricter and comply with particular regulatory requirements.
2. Regulatory Compliance Services
Altal offers regulatory services to assist companies in complying with telecom, cyber, and general information security regulations as well as maintaining international standards . Led by international law and technology experts, Altal's teams will examine any regulation in cooperation with the customer's legal department in order to extract obligations and to structure an ongoing strategy. Such a service is necessary for implementing and enforcing the regulation within the organization/network. As part of the compliance process, Altal's services include:
A. Examining local telecom regulation
B. Examining the organization's information security position
C. Designing and building the organization's information security policy in accordance to regulatory requirements
D. Writing and implementing policies and procedures of the physical security
E. Supervising internal information security processes
F. Regulatory reports/summaries production
3. Classic Information Security Examinations and Processes
Forensics Investigations
Altal provides inspection and analysis services for: private and company computers, open and closed networks, network equipment, and searches for past intrusion attempts. Our expertise ranges from performing data recovery services such as copying and preservation of evidence to analyzing system logs in order to gain a clear understanding of the different uses made on the system during the timed testing period.
Penetration Testing
Altal offers unique methods of eva luating the security of a computer system or network segment by simulating an attack from a malicious source. The penetration testing can be performed externally on the organization/network or internally, based partially on known tools and on Altal's proprietary code.
Risk Assessment
Altal assesses the risks and exposures of the organization's information and/or exposure of raw traffic in a network segment based on information security test results and a predefined security ranking. This process enables your company to understand risks regarding the confidentiality, integrity, and availability of your company's information and information systems. The process also includes identifying and a valuation of assets, and analyzing these assets in relations to potential threats and vulnerabilities.
Mitigation/Hardening
This process includes a set of actions to fix known and found vulnerabilities in order to prevent immediate information leakages. This usually includes the reconfiguration of systems, hole patching, updating and upgrading modules, and implementing proactive security methods.
Code Review
Code review consists of systematically examining a computer/firmware's source code in an effort to find and fix mistakes overlooked in the initial development phase. Code review improves both the software's overall quality and the developer's skills. The process uses open-source designated software, licensed software and Altal's proprietary applications and methodologies. Code review can be performed in three different ways: automated, semi-automated or manually.
Training and Guidance
Training sessions increase a company employee and executive awareness on all information security issues. Altal offers training sessions on: Information Security Incident Response, Information Security Defensive Methodologies, Secured Development, Proactive Security, Backup Plan Construction, Disaster Recovery Program (DRP), and Business Continuity Plan (BCP).
Advanced Courses
Altal also offers advanced courses on Reversing Techniques, Advanced Exploitation, Information Gathering Techniques, Malicious Writing and Discovery of Malicious Software on WIN, Linux, Unix operating systems, Spyware and Backdoors Detection, and Root Kit Exposure.
Expert Opinion
Our company has vast experience in writing professional opinions for organizations and governmental institutions in favor of court litigation proceedings for any kind of security related fields.
Opinion Forming Methodology
Altal focuses on achieving effective results. Before composing a comprehensive report, Altal expert conducts extensive fieldwork and research, such as putting himself in the shoes of technology personnel and seeking opinions in order to best understand and assimilate the technology.
For an Altal brochure on our three lines of services Click here.