1300 252 789
Get in touch

Security risk and threat assessment

Capabilities
Capabilities
Powered by people

Strengthen your defenses against evolving cyber threats

Cyberattacks are increasing in frequency. No organisation is completely safe from the risks and threats of these attacks.

Current defensive strategies aren’t well suited to mitigating prolonged attacks by cyberattackers who are highly organised and well-funded.

Frame provides a range of cybersecurity, threat and risk assessment services to help protect your valuable information assets.

Our approach

What you can expect

A better understanding of how and where your information assets are vulnerable to cyberthreats, and what you can do to protect them.

Penetration testing

Frame offers fixed-price packages for high-quality, affordable penetration tests.

Penetration tests identify vulnerabilities, and also provide recommendations for treatments that help you prioritise ICT and digital security spending.

Tests are performed by highly qualified and experienced security professionals, using premium tools and best practice methodologies.

We give you an indication of operational deficiencies that are the likely root cause of vulnerabilities. Then, we work with you to determine treatments that are pragmatic and effective, so you’re able realise real value.

Frame’s fixed-price packages provide excellent value and are designed to help you quickly assess your risks and prioritise the necessary steps to protect systems.

For a single, external web application, this package gives you:

  • testing that’s aligned to OWASP, CEH and other methodologies
  • authenticated and unauthenticated testing
  • vulnerability scanning for exploits
  • classifying, prioritising and manually exploiting the vulnerabilities found
  • Additional web applications can be added for a fixed price per application.

For 1–20 external-facing IP addresses, this package gives you:

  • network testing that’s aligned to CEH and other best-practice methodologies
  • scanning and testing of firewalls, switches, routers, load balancers, security devices and servers
  • vulnerability scanning for exploits
  • classifying, prioritising and manually exploiting the vulnerabilities found

Additional blocks of 10 IP addresses can be added at a fixed price per block.

For 1–5 access points and/or mobile devices, this package gives you:

  • scanning and testing of access points, smartphones, tablets and other wireless devices
  • vulnerability scanning for exploits, including identifying rogue access points, non-encrypted data, WEP key security, DOS and MAC spoofing
  • classifying, prioritising and manually exploiting the vulnerabilities found

Additional blocks of 5 access points and/or mobile devices can be added at a fixed price per block.

Cybersecurity assessments

By understanding how an adversary carries out cyberattacks, you can generate a robust set of strategies and tactics for cybersecurity protection, detection, response and recovery.
Frame’s cybersecurity assessments are designed to identify gaps in your security capability. We recommend practical steps to protect your systems and data, as well as how to respond to, and recover from a cyberattack incident.

The result? The information you need to:

  • align cybersecurity activities with your business requirements, risk tolerances and resources
  • determine which activities are important to your critical service delivery, and to prioritise investments to maximise the value of each dollar spent
  • address cybersecurity risks as part of your organisation’s risk management processes
  • apply the principles and best practices of risk management to improving your security and ICT infrastructure resilience
  • provide a consistent and iterative approach to identifying, assessing and managing cybersecurity risk.

Firewall health checks

Firewalls are a critical first line of perimeter defence for your organisation.
As you adopt new ICT and digital services, increase connectivity to partners, and change routing or gateway controls, firewalls become more complex. Hundreds of rules accumulate, and a single erroneous rule can have serious consequences for your information security and applications performance.

Frame’s firewall health check is designed to identify gaps in your gateway security and recommend steps to protect your systems and data, optimise performance, and adhere to compliance requirements such as PCI-DSS.

A firewall health check lets you:

  • gain an accurate picture of your firewall health, including hardware, software, global properties, security policies, patches, software updates, licensing, support, and disk and memory usage
  • identify and treat security weaknesses, performance bottlenecks and lifecycle risks
  • configure your firewall to the latest vendor and best practice standards
  • increase firewall performance and application response times
  • comply with PCI-DSS which requires periodic review of firewall rule sets
  • adhere to industry best practices for firewall protection of systems and information
  • maximise the investment in your existing firewall by deferring costly upgrades.
Our approach

Service inclusions

Frame’s services for penetration testing, cybersecurity assessments and firewall health checks all come with the following inclusions.

Qualified and experienced security professionals

Our risk and threat assessments are performed by experienced security specialists, qualified to the highest industry standards across multiple disciplines.

Our specialists’ certifications include:

  • Certified Ethical Hacker (CEH)
  • Certified Computer Examiner (CCE)
  • Certified Information Systems Security Professional (CISSP)
  • Microsoft Certified Systems Engineer (MCSE).

Cybersecurity assessments

Frame’s approach incorporates the full range of vendor recommendations, emerging global standards, and industry best practices. These include:

  • AU Protective Security Policy Framework – Information Security Manual
  • Australian Signals Directorate Strategies to Mitigate Targeted Cyber Intrusions
  • Certified Ethical Hacker (CEH) Methodologies
  • CoBIT 5
  • Payment Card Industry – Data Security Standard
  • SANS Critical Security Controls for Effective Cyber Defense
  • US NIST Framework for Improving Critical Infrastructure Cybersecurity.

Testing that uses premium tools combined with expert analysis and advice

We use authorised vendor tools combined with expert human analysis to identify improvement opportunities for your environment’s security, performance and software lifecycle.

Because we’re experts in researching who the attackers are, what they’re after and how they’ll attack you, we’re able to advise you from both a threat and vulnerability perspective.

We use many of the same tools and techniques that criminal hackers would use to attack you.

Cybersecurity assessments

Frame’s approach incorporates the full range of vendor recommendations, emerging global standards, and industry best practices. These include:

  • AU Protective Security Policy Framework – Information Security Manual
  • Australian Signals Directorate Strategies to Mitigate Targeted Cyber Intrusions
  • Certified Ethical Hacker (CEH) Methodologies
  • CoBIT 5
  • Payment Card Industry – Data Security Standard
  • SANS Critical Security Controls for Effective Cyber Defense
  • US NIST Framework for Improving Critical Infrastructure Cybersecurity.