Frequently Asked Questions

Q: What scoring systems do you use?

A: For consistency and accuracy, we use five (5) categories to score risk; Critical, High, Moderate, Nominal and None. This can be adjusted to meet a clients internal scoring preferences.

Q: What methodologies do you use?

A: We work with all of the current standards and methodologies and will select the best fit for the engagement. These include but are not limited to NIST, FIPS, ISO 27001, BASEL II, OSSTMM, PCI and TSSIT.

Q: Who will work on our project?

A: We only have Qualified Security Professionals employed by 10-D Security to work on client projects. No interns, temporary staff, contractors or outsourced labor are used on your engagement.

Q: How long does it take to get a final report?

A: We believe a report should be delivered as close to the assessment or audit as possible so any remediation work can begin. With this in mind, we will work hard to deliver reports as soon as possible.

Q: Will our internal vulnerability report be thicker than a phone book?

A: Not at all. We have developed specialized software and processes to analyze the volumes of raw data produced during our testing. This process results in a very clean and accurate report that is easy to read and understand, and much smaller than a phone book.

Q: What size clients do you work with?

A: We work with anyone who needs quality security services. We have worked with companies large and small all across the nation. This includes small community banks to large holding companies.

If you have any additional questions please feel free to contact us.

Check out our latest Weekly Security Tips!