Executive Proposal for the Purchase of Hackershield

Executive Leadership Team, Advanced Research Hackershield Security Testing Software Today, security has become an integral part of information technology networks and Advanced Research is in need of an improved approach to its security precautions.

The purpose of this executive proposal is to provide the company's executive leadership team with a description concerning the benefit of testing and identifying vulnerabilities before they are exploited by hackers through the use of Hackershield Security Testing Software, including a description of the application, its purpose and associated benefits in support of its purchase and implementation. Finally, a summary of the research and important findings concerning the benefits of Hackershield Security Testing Software together with recommendations for its purchase by Advanced Research are provided in the executive proposal's conclusion.

Review and Analysis Description of Hackershield Security Testing Software This application uses a proactive approach to information technology (IT) security by actively scanning, testing and identifying potential security-related problems. For instance, according to the software's vendor, "HackerShield performs daily security scans employing industry-standard, as well as advanced software and methodologies to scan, test, and identify security vulnerabilities" (Hackershield, 2015, para. 2).

In addition, in an effort to standardize the terminology concerning corporate network vulnerabilities, Hackershield Security Testing Software also incorporates the Common Vulnerabilities and Exposures (CVE) list that assigns a number to each type of vulnerability that the software security product is used to detect (Group debates what's in a name, 2009). This application also creates a map of an IT network in order to develop an inventory of its constituent components, including servers, workstations and other IT devices (Ethical hacking and countermeasures: Attack phase, 2009).

The purpose of these features is discussed further below. The Purpose of Hackershield Security Testing Software Software security systems that were state-of-the-art just a few years ago may be woefully inadequate to respond to the dynamic nature of the types of security threats that are arrayed against corporate IT networks.

For instance, according to Piazza (2009), "Many Web applications, from complex online pages to simple Web forms, are rife with exploitable weaknesses, and malicious attackers are frequently and successfully using those holes to obtain access to whatever sensitive information may be inside the exploited database" (p. 87). Therefore, the overarching purpose of Hackershield software is to identify and fix any vulnerabilities in an IT network that can be exploited by hackers to gain access to servers, workstations, and other IT devices (Ethical hacking and countermeasures: Attack phase, 2009).

According to Gope and Kashem (2013), there are two primary goals for testing software in this fashion as follows: To achieve adequate quality (debug testing) by probing software for defects so that these can be removed; and, To assess existing quality (operational testing) to gain confidence that the software is reliable (p. 36). The HackerShield Security Testing Software package includes a large database and dictionary that are used to simulate hacker attacks on designated network devices and identify any passwords that are vulnerable to hacking (Manzuik, 2015).

This security application also scans each computer's internal configuration and operating systems to identify directories, users, and permissions and incorrectly configured files (Manzuik, 2015). This is an especially important attribute for Advanced Research. For instance, Piazza (2009) emphasizes that, "It is clear that any online business and any organization with a Web site is vulnerable to hackers who seek out Web application weak points to steal information or penetrate the inner workings of a network" (p. 88).

Following the completion of each scan, the Hackershield Security Testing Software produces a report formatted in HTML that can be exported to an ODBC database package as shown in Figure 1 below (Manzuik, 2015). Figure 1. Representative Hackershield report Source: http://windowsitpro.com/content/content/9206/screen_01.gif According to Manzuik, "The report identifies each vulnerability or misconfiguration that the scanner found and provides instructions on how to eliminate each threat" (2015, para. 5).

The HTML-formatted reports also provide corresponding links to relevant background data concerning associated security issues, including updates by BindView's expert consultants and security advisories from software vendors (Manzuik, 2015). This data is also depicted in graph form to facilitate identification of trends in security breaches to prioritize remedies (Manzuik, 2015). Scans can also be configured to run automatically at set time intervals and allows the customization of scan policies (Manzuik, 2015). In addition, this application provides the ability to automatically keep the system current with vendor-provided updates (Manzuik, 2015).

The Benefits of Hackershield Security Testing Software There are numerous benefits that can accrue to the use of Hackershield Security Testing Software. For example, according to Manzuik (2015), "HackerShield is a security and vulnerability scanning tool that checks for more than 450 potential problems and can automatically update itself with new security checks from BindView" (para. 2). In addition, this application can automatically fix some types of vulnerabilities and reverse any modifications that have been made to an IT system by a hacker (Manzuik, 2015).

Some of the other benefits of using Hackershield Security Testing Software include the following: It is easy to investigate each IT device for vulnerable programs; It ensures that the IT network and servers are prepared to defend against Internet attacks (Ethical hacking and countermeasures: Attack phase, 2009, p. 18); It ensures that the IT network and servers are prepared to defend against any attacks that succeed in bypassing the firewall (Ethical hacking and countermeasures: Attack phase, 2009, p.

18); It identifies security holes on servers and workstations with multiple operating systems (Ethical hacking and countermeasures: Attack phase, 2009, p. 18); It provides information concerning any modifications that are made by hackers to system files (Ethical hacking and countermeasures: Attack phase, 2009, p. 19); IT tests for potential Denial of Service (DoS) problems (Manzuik, 2015); and, It tests and scans all TCP/IP devices (Manzuik, 2015).

Because Advanced Research relies heavily on its online resources to conduct business transactions and provide potential clients with information concerning our services, any denial of service attacks could have severe consequences that may not be easily remedied. For example, Gao (2013) emphasizes that, "Hacking efforts through Distributed Denial of Service attacks or other means are persistent threats for companies" (p. 13). Just as important, the potential for hackers to hold the company's IT network as a virtual hostage also exists.

In this regard, Gao (2013) adds that, "A large-scale attack can interrupt connections to the company's servers, causing a complete shutdown of its operations. Once hackers realize they can disrupt service, they often attack the same company again, often with a demand of blackmail payment before they will stop" (p. 13). Based on his analysis of the efficacy of the Hackershield Security Testing Software package, Manzuik emphasizes that, "HackerShield was impressive in its levels of reporting.

Not only were the reports complete and accurate, but they also gave me the option of selecting certain vulnerabilities and letting the scanner automatically repair them" (2015, para. 5). The Hackshield software package also contains a number of other attributes that would be highly beneficial for Advanced Research that would justify its purchase. For instance, Manzuik (2015) adds that, "HackerShield is one of the best.