Once you’ve used our IT Audit Program Generator to complete your custom audit, you may find that some tasks are easier to complete with a commercial tool. For example, manually assessing a firewall would be time-consuming and likely to result in errors. It is easier and more reliable to utilize a tool that can automate a comprehensive assessment, but buying software you only need to use once is costly and unnecessary.
We’ve worked with vendors to offer you low-cost, one-time licenses for some of the best tools on the market. Each of these tools will automate the assessment and generate a detailed report. Our reports are presented in non-technical language, making them easier to share with stakeholders across your organization.
Below is a brief listing of the tools we offer with a one-time license. For a complete list that includes pricing, please consider subscribing to scGRC.com
Web-Application Assessment – a comprehensive unauthenticated and authenticated analysis of web-application-specific vulnerabilities. The assessment will cover risks in the following categories.
·Cross-site Scripting ·SQL Injection |
·PHP File Include ·Parameter Deletion |
·Buffer Overflow ·Format String |
·Microsoft CGI Attacks ·CGI Attacks |
·Remote Execution ·Directory/File Traversal ·CRLF Injection |
·Special Parameter Addition ·Boolean Parameter Tampering ·Blind SQL Injection |
·Integer Overflow ·Information Exposure ·Generic HTTP Attacks |
·Microsoft IIS Attacks ·Common HTTP Device Attacks |
Vulnerability Assessment – a technical report of the risks associated with systems assessed for known vulnerabilities.