Penetration Testing
A penetration test is an expression used by security professionals to describe a number of security testing techniques. These techniques can be used to compromise an organization's network security and overcome security procedures (with the organization’s consent and supervision). The techniques range from automated vulnerability assessment tools to advanced manual testing techniques performed by security professionals. There are two types of test services: black-box tests and white-box tests.
A black-box (blind) penetration test is a term used to describe a penetration test where the tester has little or no prior knowledge about the target system. This type of testing usually involves exploiting the target system externally, simulating a real-world external attack before it can occur. As EEDS security testers keep themselves updated on the techniques external threats usually use, this testing is very useful to identify potential vulnerabilities that automated tests are not equipped to anticipate.
A white-box penetration test is used when the tester has intimate knowledge about the target system. This data (such as network diagrams and technical information about internal/external applications) is provided by the organization. This type of testing usually involves exploiting the target system internally, simulating internal attacks before they can occur. White-box penetration testing is also useful to identify design flaws that might have slipped in during the conception of the infrastructure.
The benefits of EEDS penetration testing are numerous, as it can:
- Identify external/internal vulnerabilities.
- Identify network (LAN/WLAN) and application level vulnerabilities.
- Measure an organization's ability to detect an external/internal attack.
- Measure an organization's ability to respond to an external/internal attack.
Also, penetration testing can be done periodically, facilitating continued monitoring of web infrastructures. As outside threats continually upgrade their techniques, it helps to have someone like EEDS doing the same, keeping one step ahead of threats. The frequency of penetration tests depends on the following factors: size of the organization, reputation and client base.
Penetration testing is a component of a full security audit. It includes:
- External Penetration Test
- Server penetration testing
- Router penetration testing
- Firewall penetration testing
- Operating system installation and maintenance.
- Pure Hacking
- The discovery of real risks and solutions independent of any vendor. Pure Hacking will analyze the critical components of a Web-based portal, e-commerce application, or Web platform.
- On-Site Security Assessment
- Internal on-site penetration testing gives the organization the assurance it needs to transact safely on the internet and with business partners.
- Application Security Assessment
- Using manual techniques and hundreds of appropriate tools, the application security assessment pinpoints specific vulnerabilities and identifies underlying problems. The analysis integrates detailed vulnerability and countermeasure information for:
- authentication
- authorization
- session management
- data integrity
- data confidentiality
- privacy concerns
- Proactive Penetration Testing
- A potential attacker will visit a site on a periodic basis to monitor whether there is a new way to break into a system. If they find a way, they will often leave a “back door” to get in at a later date. Hence, the client can be attacked even after it has been through a rigorous security verification. Proactive penetration testing is the scheduled monitoring of an infrastructure / site to ensure no new vulnerabilities have been inadvertently created.
Security Design
EEDS can perform a vast range of security design or implementation tasks for large and small businesses. Whether it's implementing a new firewall, system / network upgrading, virus or malware analysis/removal, forensic analysis, or a new network, EEDS can provide this expertise. EEDS can also provide ongoing support and services for these projects. EEDS has the ability to work with Windows, UNIX (most variants), and most major security products, as well as having a proven record of providing innovative solutions to complex security problems.
Security Assessments
Beyond penetration testing, EEDS provides a number of security-related assessment services, including vulnerability assessments, application audits, and wireless security assessments. Not only can EEDS help identify the flaws in existing systems before they result in a security breach, but EEDS can also explain them in a way that makes sense to both technical staff and management. As an added service, EEDS can also remove most network vulnerabilities should a client not have the appropriate resources to do so.
Computer Forensics
Computer Forensics is the examination of computer data to determine if illegal, unauthorized or unusual activities have taken place. It is used extensively by law enforcement, military, intelligence agencies and private businesses. Computer forensics is not only computer data recovery, although computer forensics does rely upon some data recovery techniques and tools. EEDS uses formal computer evidence processing protocols. The findings may be presented in a court of law. Some past projects include:
- Retrieval of Internet usage (for cases involving pornography or Intellectual Property, for example);
- Keystroke logging on target computer;
- Bug sweeps (passive and active “monitoring device” detection);
- Affidavit preparation in support of legal filings;
- Expert consultation on Information Technology, Information Assurance and Security best practices;
- Information Security audit and IT system review capability;
- Executive protection;
- General investigation services, including background due diligence;
- Technical assistance on computer and network infrastructure;
- Wireless network security validation and penetration testing;
Mobile Phone Forensics
Mobile Phone Forensics or Mobile Phone Analysis is the recovery and forensic analysis of evidential data from mobile phone handsets, GSM SIM/USIM (3G) cards and attached memory storage cards. Through the use of specialized techniques and procedures, investigating this media can uncover a wealth of information. For example:
- Identity of handset / Phone book details
- Identity of SIM (Subscriber Identity Module) card used in handset
- Last numbers dialed, received, missed calls (including those that have been deleted)
- Hex dumps (For phones without SIM cards)
- SMS (Short Message System) text messages and senders' numbers (including those that have been deleted)
- Other data that may be stored such as e-mail addresses & address books (including those that have been deleted)
- Remote recording of voice and mail from digital answer phones, fixed lines and mobile telephones (in accordance with current legislation)
Forensic Data Recovery
Forensic Data Recovery is the recovery of data from a physically or logically damaged device. Forensic Recovery follows all the procedures and guidelines used for both Computer Forensics and Mobile Phone Forensics to guarantee the continuity and integrity of the data. Forensic Data Recovery is used when the device in question is of possible evidential value and the data contained cannot be accessed, yet must be presented unchanged. EEDS uses its experience as Computer Forensic Experts to successfully recover data from damaged devices. EEDS services have been used in criminal and private cases in the past, both by regulatory and private clients.
Web Hosting Solutions
Our professional-quality and absolutely reliable web hosting packages are ideal for small businesses to large corporations. With affordable prices and superior technical support, our web hosting packages are unmatched. Whether you need a small web site, a large multi-stage web site, or an e-commerce ready web site, we are able to meet your challenge.
Custom Services
In addition to Computer & Mobile forensics and security services, EEDS has a division dedicated to developing custom services, which include software development and website design. By leveraging security expertise, EEDS can design custom tools and websites which meet security and quality standards.
Whether a client is looking to have a web site designed from scratch or only needs one feature adjusted or reworked, EEDS can provide the expertise needed. EEDS services are customizable to small and medium sized businesses, for which it offers affordable and professional website design. EEDS will take an idea from conception to a finished product on the web, and can handle all aspects of design, coding, graphics, publishing, advertising, promotion, maintenance, as well as any custom web programming needs a client may have.
EEDS possesses internal expertise in web application / server side scripting development and can provide all web programming needs, for large and small organizations. If a client’s needs include designing a complex application or a one of a kind application for its site, EEDS has the expertise to do so. EEDS staff has extensive experience in writing web applications and CGIs, Java, ASP, PHP, JSP, and Perl for both Windows and UNIX environments.
EEDS staff is experienced in Java, Delphi, C/C++, .Net and Visual Basic application development for both Windows and UNIX and has employees with experience in Oracle and forms based custom software development which is used by many Oman governmental agencies.
EEDS has resources with expertise in various areas such as Asset management system, Inventory Management System, Hotel Management System and Banking Sectors. These experts have successfully implemented custom programs in many of the Government Organizations in the Sultanate of Oman.
General Consulting
If a client’s requirements are not covered by EEDS services, EEDS can guide a client to the correct solution. Whether it's general computer support, providing training for a client’s staff, or simply answering a few questions, EEDS can provide the services needed at an affordable price.





