Cyber Security


Startech Business Systems Security Assessments are designed to give businesses a 360-degree view of their security posture

Startech Business Systems offer four complete packages based on the client’s needs and/or size

Clients can expect a report in concise language that allows business owners and IT managers to clearly understand the recommendations and allows them to prioritize actions to improve their security posture

The following four sections will detail each one of our offerings

Cyber Security Advisory Assessment

The Startech Business Systems Cyber Security Assessment Service is designed to give businesses a 360-degree view of their infrastructure’s vulnerabilities.

The Security Assessment includes two full days of consulting services by a Startech Business Systems security consultant; evaluating people, processes and technologies to help you understand your organization’s current security state.

The Security Assessment is a starting point of discussions that will provide consultative guidance across a range of security topics which include today’s risks, where you’re most vulnerable, modern technologies and best practices to protect your information.

Cyber Security Advisory Assessment


  • Identify current loop’s in security architecture, backup and recovery systems
  • Identify System / Network Vulnerabilities
  • Evaluate security technology deployed against current infrastructure landscape
  • Remediation plan & advisory for findings


  • Introduction, Scope, Objective, Methodology
  • Findings and conclusions
  • Remediation of key findings
  • Security consulting/advisory

The Security Assessment report will be conducted by a Startech Security Auditor as well as an ethical Hacker who is a member of ISACA/GIAC.

The Startech Business Systems Cyber Security Assessment Service is designed to give businesses a 360-degree view of their infrastructure’s vulnerabilities.

The Security Assessment includes two full days of consulting services by a Startech Business Systems security consultant; evaluating people, processes and technologies to help you understand your organization’s current security state.

Penetration Test Assessment

Digital security
The Penetration Test Assessment will help your organization to identify high-risk vulnerabilities that may be difficult or impossible to detect with scanning software allowing potential threats to go unnoticed.

The Assessment will be used to address and evaluate the effectiveness of an existing security network.

Technical Architects from Startech’s security team use a mix of manual and automated testing techniques in an attempt to gain access to information without the knowledge or permission of its owner.

The assessment is used to evaluate the external security perimeter and provide recommendations for strengthening the security infrastructure; reducing the possibility of an external hacker compromising your information unknowingly.

Based on results, Startech Business Systems security professionals will deliver a quality penetration test assessment that includes a detailed report.

The report will include a summary of the results as well as actionable advice for strengthening the security defenses for your infrastructure.

A Penetration Test Assessment includes:

  • Pre-sales consultation with the client
  • Defined statement of work (SOW) with established timelines
  • Conduct Security Penetration Assessment
  • Presentation of Network Presentation Test Assessment Report


  • Intelligently manage vulnerabilities – Penetration testing provides detailed information on exploitable security threats so they can be prioritized for remediation, security patches applied and resources allocated where they are needed.
  • Avoid the cost of downtime – Testing helps to avoid financial costs of remediation efforts, legal activities, lowered productivity and more by identifying and addressing risks before a breach occurs.
  • Meet regulatory requirements and avoid fines – Detailed reports will help your organization address some of the requirements of HIPAA, Sarbanes-Oxley, PCI-DSS and more.
  • Preserve corporate image and customer loyalty – Penetration testing not only helps your organization to avoid data incidents, but it will also protect your reputation and trustworthiness with your customers.

Web Application Vulnerability Assessment

Security check
Identify Network Security Weaknesses Before Intruders Attack!

Data breaches cost Canadian businesses millions of dollars each year and the number of malicious or criminal attacks is on the rise.

Network security weaknesses can create an easy path for cyber attackers to gain access and compromise sensitive data and applications.

Most organizations don’t test their software until it has been created and nears the deployment phase. This practice is ineffective and contributes to higher software development costs.

Identifying and correcting network vulnerabilities is critical in protecting any organization from harmful attacks and should be used as part of an ongoing strategy to support an organization’s software development lifecycle.

Service Overview:

  • Web Application Vulnerability Assessment can help your organization identify vulnerabilities and provide a recommended approach to remediate any vulnerabilities based on industry best practices.
  • As part of the assessment, Startech technical architects assume the role of an external attacker to attempt to exploit potential weaknesses.
  • Comprehensive tests evaluate web applications source code against known exploitable vulnerabilities.



Based on results, recommendations for strengthening the source code to reduce the possibility of exploits by an attacker are provided. The survey results include analysis of vulnerabilities such as:

  • SQL injection
  • Cross-site scripting
  • Cross-site request forgery
  • Buffer overflows
  • Weak authentication
  • Improper data sanitation


  • Obtain a true understanding of your network’s security gaps and vulnerabilities and how to enhance your organization’s network security.
  • Ability to view the organization as it would be seen by a cyber attacker.
  • Identify which risks which should matter most to your organization
  • Achieve compliance for the many regulations and standards that require vulnerability assessments
  • Help to ensure confidentiality, integrity and availability of data and assets

Social Engineering Test Assessment

Social media security testing
Improve Security Defenses Through ‘People-Hacking’

Social engineering has become one of the prevalent attack methods in use today.

As such, social engineering test assessments are now a must for organizations to understand the real-world threats to their business.

These assessments can help identify the potential holes in the “human network” to prevent information breaches and to strengthen the company’s security compliance.

Employees don’t necessarily have to be malicious to put the company at risk, they may not understand the security risks associated with their behaviour and their role in protecting business-critical information.

The assessment will help establish the current state of security awareness among your personnel as well as determine gaps in policy, procedure, enforcement and security awareness training.

Service Overview:

  • Employees represent a possible weak link in security for many organizations
  • The Social Engineering Test Assessment is designed to complement Startech Business System’s Penetration Test and Web Application Vulnerability Assessment by attempting to convince your employees to divulge sensitive information through the use of emails and phone call scripts customized to your company


  • The security tests performed during the assessment include a mix of automated and manual tests in conjunction with customized scripts that address:
  • Telephone Impersonation – Experts will contact a designated list of employees with a script intended to persuade them to give credentials or other sensitive information

Email Phishing – Emails are sent to designated employees in order to persuade them to perform an action like clicking on a link within the email or to provide sensitive information over the email

At the conclusion of the assessment, a final report that details the number of employees who were convinced to provide sensitive information or click an unknown email link will be provided along with recommendations for the clients to educate their employees about safer behaviours.


  • Identify potential weak points so that your organization can improve its policies minimizing the impact on the business
  • Measure the effectiveness of employee security awareness
  • Gain understanding of real-world risks to the organization from the perspective of an attacker, going beyond the limitations of automated scanning
  • Employees develop an enhanced level of awareness and diligence in protecting business-critical information