FAQ

HIPERFORMANCE SECURITY Frequently Asked Questions (FAQ)

_____________________________________________________________________________

QUESTION: What services can Hiperformance Security’s perform?
ANSWER: HiPerformance Security is a Licensed Private Investigative Agency in the State of Washington that can perform:

  • SECURITY INVESTIGATIONS including performing computer and online investigations, intelligence gathering, case interviewing and computer forensics as well as other specialized civil and criminal investigative services.
  • SECURITY CONSULTING to identify potential security threats and look for vulnerabilities and weaknesses that would put the organization at risk.​
  • PENETRATION TESTING to evaluate your organizations security and identify potential vulnerabilities

_____________________________________________________________________________

QUESTION: What kind of investigations can HiPerformance Security perform?

ANSWER: HiPerformance can perform the following types of investigations for you:

Locating People: We can find missing persons, locate someone, find address.

Investigative Screenings:

  1. Tenant Screening
  2. Criminal Background Checks
  3. Employee Screening
  4. Vendor and Contractor Screening
  5. Executive Background Checks

Business Investigations: Business Identification is useful in situations where you need to know the exact legal status, ownership and location of a company. You may have a dispute with a company or are considering legal action. You may also need to know how to contact the owner or proprietor of a business.

Due Diligence and Business Background Investigation. We investigate corporations for clients who are interested in purchasing from a business, are involved in litigation with that company or are questioning who they may be hiring.  There are many reasons for conducting business background investigations, including:

  • Confirmation that the business is what it appears to be
  • Identify potential problems with the company and avoid a bad business transactions
  • interviewing former employees about the true condition of the company

Intellectual Property and Trade Secrets. Your company’s intellectual property is a valuable part of your business. Trade marks, patients and other proprietary assets are all vulnerable to internal and external threats. Victims of intellectual property theft lose money, their reputation or their client. HiPerformance can do Infringement and IP Theft Investigations including:

  • Trademark infringement investigations
  • Counterfeit Product Search and Interdiction
  • Theft of trade secrets investigations
  • Product review and analysis

Expert Computer Forensic Investigations. As licensed private investigators, we have the investigative skills, training, and mindset as well as technical understand to perform computer forensics. We can provides comprehensive computer forensic services which include identifying, preserving, analyzing, and reporting on electronic evidence

______________________________________________________________________________

QUESTION: What type of cybercrime and computer activity can Hiperformance Security investigate?

ANSWER: Our experience doing Cyberinvestigations for the Military, Intelligence and Law Enforcement community as well as for Technology companies give us a unique perspective on keeping you safe from cyberthreats. We can help with :

  1. Data Breaches & Computer Intrusions
  2. Corporate Misconduct and Espionage
  3. Fraudulent Transactions
  4. Embezzlement & Extortion
  5. Internet Stalking & Harassment
  6. Web Hijacking
  7. Advanced Fee Scams
  8. Online Identity Theft
  9. Extortion
  10. Denial Of Service Attacks
  11. Insider Attacks
  12. Threat intelligence and online research

______________________________________________________________________________

QUESTION: What is an Information Security Assessment

ANSWER:  An Information Security Assessment is a means of examining your organization’s information security infrastructure. It identifies vulnerable areas in your environment. Your organization will then be able to prioritize which areas need to be addressed immediately and which are less urgent.

We will compare your organizations processes and practices against those defined in generally accepted security standards such as ISO27000, SSAE, HIPPA and PCI. This analysis will then identify gaps that exist within the client environment and make business decisions on how to respond to them.

______________________________________________________________________________

QUESTION: What are the Benefits of a Security Assessment?

ANSWER: By hiring us to provide your Information Security Assessments, you will see the following benefits:

  • Threat Exposure – We can identify weaknesses and vulnerabilities from a technical, physical, and personal perspective.
  • Comprehensive Reporting – We provide a detailed report both from a technical and management perspective which shows risks, vulnerabilities and potential threats.
  • Provide management with clear and concise answers about their organization:  How well are you protecting your information from internal and external threats?

______________________________________________________________________________

QUESTION: What is a Penetration Test

ANSWER:  Penetration testing (ethical hacking) service tests the security of your IT systems, by identifying and exploiting common weaknesses, in a safe manner. We identify the most likely threats to your organization, looking at your business processes, information flows and the technology that supports your operations. This allows us to determine the vulnerability of your environment to malicious attempts to penetrate your systems.

Our penetration testing methodology is based on industry best practices that ensures that you receive quality and repeatable results, and minimizes the risk to your systems.

Our team uses a wide range of penetration testing tools similar to those used by hackers on the internet. Keeping up to date with the latest security vulnerabilities, trends and hacking techniques is our business.

We produce a comprehensive report for your management covering the approach taken, the techniques applied, and the vulnerabilities identified and make procedural and strategic recommendations to ensure that your systems are secure against future attack.

______________________________________________________________________________

QUESTION: What is the difference between Penetration Testing and Vulnerability Assessment?

ANSWER: There is often some confusion between penetration testing and risk assessment. The two terms are related but penetration testing has more of an emphasis on gaining as much access as possible while risk assessment places the emphasis on identifying security, privacy and compliance gaps. A penetration test is like any other test in the sense that it is a sampling of all possible systems and configurations. Generally testers will be unable to identify and penetrate all possible systems using all possible vulnerabilities. As such, any Penetration Test is a sampling of the environment.

______________________________________________________________________________

QUESTION: Why Perform Risk Assessments and Penetration Tests?

ANSWER: There are a variety of reasons for performing a penetration test.

  1. One of the main reasons is to find vulnerabilities and fix them before an attacker does. Sometimes, the IT department is aware of reported vulnerabilities but they need an outside expert to officially report them so that management will approve the resources necessary to fix them. Having a second set of eyes check out a critical computer system is a good security practice. Testing a new system before it goes on-line is also a good idea.
  2. Find Holes Now before Somebody Else Does. At any given time, attackers are employing any number of automated tools and network attacks looking for ways to penetrate systems.  Penetration testing provides IT management with a view of their network from a malicious point of view. The goal is that the penetration tester will find ways into the network so that they can be fixed before someone with less than honorable intentions discovers the same holes. In a sense, think of a Penetration Test as an annual medical physical. Even if you believe you are healthy, your physician will run a series of tests (some old and some new) to detect dangers that have not yet developed symptoms.
  3. Report Problems to Management. If someone has already pointed out to upper management the lack of security in the environment, penetration testing results help to justify the resources to address those needs.
  4. Verify Secure Configurations. If management is confident in their actions and final results, the penetration test report verifies that they are doing a good job. Having an outside entity verify the security of the system provides a view that is devoid of internal preferences. An outside entity can also measure the team’s efficiency as security operators. The penetration test doesn’t make the network more secure, but it does identify gaps between knowledge and implementation.
  5. Security Training For IT Staff. Penetration testing gives security people a chance to recognize and respond to a network attack. For example, if the penetration tester successfully compromises a system without anyone knowing, this could be indicative of a failure to adequately train staff on proper security monitoring.
  6. Discover Gaps In Compliance. In today’s heavily regulated environment, many organizations are looking for better ways to continually assess their compliance posture. Most regulations have multiple components specifically related to system auditing and security.
  7. Testing New Technology.  The ideal time to test new technology is before it goes into production. Performing a penetration test on new technologies, applications and environments before they go into production can often save time and money because it is easier to test and modify new technology while nobody is relying on it

______________________________________________________________________________

QUESTION: What types of Penetration tests can we do?

ANSWER:   Penetration Testing is the first tactical step many companies take to begin the identification process for weaknesses in their IT environment. Our security professionals use proven techniques, methodologies and tools to detect undesirable risks. Aurora will evaluate your technical, administrative and management security controls, and conduct tests against your Internet perimeter using real-world attacks techniques — both automated and manual.

We offer several types of Penetration Testing:
•   External Penetration Test
•   Internal Penetration Test
•   Website Application Penetration Testing
•   Social Engineering Penetration Testing

______________________________________________________________________________

QUESTION: How does Hiperformance Security use Investigative Hypnosis?

ANSWER: Investigative Hypnosis is a powerful interviewing and investigative tool. It is not a method for determining the truthfulness of a statement provided by a victim or witness but rather is a tool that gives a person the ability to recall event details by concentrating without distractions while in a relaxed state. These techniques are used in order to enhance and clarify memories that a person is already aware of, or to recover memories that the person is currently unaware of.

Forensic and Investigative Memory-Enhancing Techniques can also be helpful in allowing a victim or witness of a traumatic or stressful incident to process, or resolve, and ‘move on’ from the experience. This is often even more important than obtaining information from the person.

QUESTION: What is Hypnosis?

ANSWER:  More information on hypnosis can be found at http://hiperformance.sharepoint.com/Pages/FAQ.aspx

______________________________________________________________________________

QUESTION: What if I need other Private investigative services?

ANSWER: Contact us for a free consultation on how Hiperformance Security can assist you.