Akab is a modular and scalable SIEM+ (Security Information Event Management) architecture composed of various appliances placed on different points of the LAN to control network security status and proper network functioning with the means of analysis of network traffic, and system status and behaviour.

Akab comes with a number of complement specialized Consulting Services.

Security Audit (SA)

Purpose of the Security Audit (SA) consulting service is to give clear picture of the customer's current system security status through an in-depth, highly detailed, and comprehensive analysis of all issues that could possibly have an impact on the network security situation.

Such analysis allows to define an efficient deploy of system appliances and applications, and serves farther periodical checks of the customer's current system status.

SA consulting service includes independent activities that assure better results when applied together.

• Penetration Test (Black and White Box): consists of search for security holes and system vulnerabilities through a number of tests operated from outside the customer network. It can be defined as controlled external network attack simulation. Assessments can be classified as Black Box test, when the tester has zero-knowledge of the target system configuration (hacker profile), or as White Box test when the tester has limited or even in-depth knowledge of the target system (employee or external service provider profile)
• Internal Vulnerability Assessment (with/without Credentials): consist of internal audit and assessment of the customer internal network structure to identify potential security vulnerabilities. This can include all or a portion of the company appliances, applications, sub-nets, databases and servers.
• Network Vulnerability Assessment: consist of systematic examination of the customer network to determine the adequacy of security measures and identify security deficiencies.

Risk Analysis (RA)

Determination of network exposure to security threats is based on two main factors:

• 1. Risk weighted value of single network assets defined in relation to their network function.
• 2. Vulnerability of each asset, defined by manual or automated means attended by an expert and after an expert analysis.

AraKnos RA consulting service provides support to senior executives/company managers for identifying the risk weighted values and the vulnerabilities of different assets in the company network infrastructure.

Risk Management (RM) and Business Continuity Plan (BCP)

Identified network security risk implies appropriate risk minimization and management measures. This activity involves development and realization of strategical and operational plan (BCP) that defines and guarantees service availability and acceptable levels of performance in the advent of disaster - software or hardware failure, or any other event that makes the continuation of normal network functions impossible.
Once implemented the BCP plan requires periodical assessment and validation.