Bangalore, April 4, 2001: Net ProActive Services the IT Infrastructure Management Company, today announced the kick off of a new service called Vulnerability Assessment, as part of the b-Secure@BL practice. This is in line with Net ProActive Services' strategy of being a complete consulting and implementation solution provider and setting standards for managed services, which include "managed security services" (MSS).

Says Milind Dikshit, Security Practice Head, Net ProActive Services, "While the Internet is about sharing information, every organization has some information which is confidential and still is of interest to others. Information Systems security is all about protecting such information"

"What complicates the issue is that the overburdened and understaffed information security team has to manage an ever-growing multitude of threats from inside and outside the organization. It's a never-ending race between the relentless hackers who specialise in finding weak points in the IS elements of network, operating systems, applications and databases and the IS manager who has to identify the threats and define, implement, manage and audit safeguards against these threats" adds Milind.

It is to counter such a scenario that the Security Solutions Practice at Net ProActive Services has introduced a complete service called Vulnerability Assessment, a combination of simulated penetration testing (Ethical Hacking) and scanning (Security Scan) service.

Vulnerability Assessment is a methodical approach, which helps examine the security of an Information Systems infrastructure comprising of network devices, systems, applications and databases. It is a mutually agreed upon arrangement (duly signed agreement) under which an organization can employ an external agency like Net ProActive Services to simulate a hack and therefore expose existing vulnerabilities, if any. This information can then be used to incorporate the appropriate security policy and design an architecture to make the infrastructure more secure. The tests - the Security Scan (a perimeter scan over the Internet, scan of server systems, OS and Database), and Ethical Hacking (simulation of a real intruder's attacks in a controlled environment), would expose the potential vulnerabilities in the organisation's systems and the results can then be used to incorporate the appropriate security features to make the infrastructure more secure.

Speaking about Vulnerability Assessment, T.G. Ramesh, Chief Executive Officer, Net ProActive Services, said "Net ProActive Services has taken Internet security to the next level by creating a comprehensive Vulnerability Assessment service comprising a unique combination of 'people, process and tools'. We are the first vendor-neutral consulting, pure-service organisation to combine consulting, implementation and managed security service (MSS)", he added.

To create awareness on the importance of such a service, Net ProActive Services will offer a FREE Vulnerability Assessment on a trial basis for up to a maximum of 3 public IP addresses per customer for a limited period. Tailored to suit the needs of any organization, the Vulnerability Assessment involves the b-Secure@BL team conduct tests using a combination of tools, processes and people.

"We do tool based security scan as just the starting point. Port based attack simulations, OS enumeration, Firewall penetration tests and analysed results of the security scans is what brings in the actual value that the CIO is looking for." says Milind Dikshit. This is what makes the offer unique in it's own sense.

Net ProActive Services have had very positive responses from customers who have used the security services of Net ProActive Services. The customers list includes multi-location service providers, enterprises, data centers and software houses among others.

The b-Secure@BL security practice of Net ProActive Services, apart from Vulnerability Assessment, also, has a full suite of services from Risk/Threat Assessment, Gap Analysis, Security Audit, Security Policy Design, Security Architecture Design, Security Implementation, Vulnerability Fix, Remote Firewall Management Services and Online Intrusion Detection services.