Threat Risk Assessments

Threat Risk Assessments

We provide Harmonized Threat Risk Assessments using CSE’s HTRA methodology. This includes an asset categorization or Statement of Sensitivity, a threat assessment against probable threat agents, an evaluation of the safeguards both proposed or implemented to determine vulnerability exposure, and a risk scoring and assessment using values derived from the Asset, Threat, and Vulnerability ratings. The report also features a risk mitigation section, and an executive summary.

 

Application Security

Security
Assessment & Authorization

We assist federal clients with SA&A deliverables including: Security Categorization Reports, Business Needs for Security, Development of Concept of Operations (CONOP) documents, Selecting ITSG33 Baseline Security Control Profiles, Tailoring control profiles, Identifying security control compliance evidence and recording the findings in a Security Requirements Traceability Matrix (SRTM), development of the Security Assessment Report including the Risk Register and the Security Plan of Action & Milestones.

 

Penetration Testing

VA & Penetration
Testing

Using both commercial and open source tools our analysts will attempt to defeat the security controls protecting a particular asset. Our testers may employ technical, physical and social methods. We have experience performing penetration tests on IT System Platforms, Web Based Applications, Static Code Analysis, Physical Building Access Controls, Surveillance Systems, Smart Buildings.

 

Technical Surveillance

Emanations Security (EMSEC) & Technical Surveillance Countermeasures (TSCM)

RF Frequency Analysis using Spectrum Analyzers, Thermal imaging for active electronics, TEMPEST & ZONE compliance assessments, RED/BLACK separation audits, Non-Linear Junction detectors and other technical tools. Analysis of Secure Discussion Areas (SDA) including sound attenuation (dB).

 

LEARN MORE LEARN MORE LEARN MORE LEARN MORE

Mission Statement

WNCS will provide trusted, ethical and impartial consulting services to our clients and at all

times treat our clients with respect and integrity. Our success is measured by our client's

satisfaction with our work.

 

MORE ABOUT US

 

 
Code photo

 

black thin line

 

We have experience securing the most popular virtualization and hyper-visor platforms. We also have experience implementing security models on cloud service providers including Azure, AWS, and Office365.

 

LEARN MORE

Microsoft Citrix
VM Ware Nutanix

 

 

 
 

WNCS is a privately owned security and privacy consulting company based in Ottawa Ontario.

 

 

We support clients across Canada, with our HQ office in Ottawa, and partner offices in most
major Canadian cities.

 

Our consultants have a broad range of qualifications to help assess privacy and security issues...

 

CONTACT US

 

 

Threat Risk Assessments

Threat Risk Assessments

We provide Harmonized Threat Risk Assessments using CSE’s HTRA methodology. This includes an asset categorization or Statement of Sensitivity, a threat assessment against probable threat agents, an evaluation of the safeguards both proposed or implemented to determine vulnerability exposure, and a risk scoring and assessment using values derived from the Asset, Threat, and Vulnerability ratings. The report also features a risk mitigation section,

and an executive summary.

 

LEARN MORE

 

 

Application Security

Security Assessment
& Authorization 

We assist federal clients with SA&A deliverables including: Security Categorization Reports, Business Needs for Security, Development of Concept of Operations (CONOP) documents, Selecting ITSG33 Baseline Security Control Profiles, Tailoring control profiles, Identifying security control compliance evidence and recording the findings in a Security Requirements Traceability Matrix (SRTM), development of the Security Assessment Report including the Risk Register and the Security Plan of Action & Milestones.

 

LEARN MORE

 

 

Penetration Testing

Penetration
Testing

Using both commercial and open source tools our analysts will attempt to defeat the security controls protecting a particular asset. Our testers may employ technical, physical and social methods. We have experience performing penetration tests on IT System Platforms, Web Based Applications, Static Code Analysis, Physical Building Access Controls, Surveillance Systems, Smart Buildings.
 

LEARN MORE

 

 

Technical Surveillance

Emanations Security (EMSEC) & Technical Surveillance Countermeasures (TSCM)

RF Frequency Analysis using Spectrum Analyzers, Thermal imaging for active electronics, TEMPEST & ZONE compliance assessments, RED/BLACK separation audits, Non-Linear Junction detectors and other technical tools. Analysis of Secure Discussion Areas (SDA) including sound attenuation (dB).
 

LEARN MORE

 

 

Mission Statement

WNCS will provide trusted, ethical and impartial consulting services to our clients and at all times treat our clients with respect and integrity. Our success is measured by our client's satisfaction with our work.

 

MORE ABOUT US

 

 

Code photo

 

 

black thin line

 

Microsoft

Citrix
VM Ware Nutanix

 

We have experience securing the most popular virtualization and hyper-visor platforms. We also have experience implementing security models on cloud service providers including Azure, AWS, and Office365.

 

LEARN MORE

 

 

 

WNCS is a privately owned security and privacy consulting company based in Ottawa Ontario.

 

 

We support clients across Canada, with our HQ office in Ottawa, and partner offices in most
major Canadian cities.

 

Our consultants have a broad range of qualifications to help assess privacy and security issues...

 

CONTACT US