Federal Agencies
Department of Veterans Affairs
SparkC received task orders to conduct vulnerability assessments for the VA on various software applications they were vetting for future deployment across the network. Our Cybersecurity Compliance Director conducted a vulnerability assessment of several applications that VA was aiming to implement to streamline communications and improve application management. We conducted external vulnerability assessments according to NIST-800-34 standards, and provided official reporting for each application that was requested for evaluation.
Services Provided :
- Risk/Vulnerability Assessments
- Compliance Management
- Database Penetration Testing
- Network Penetration Testing
- Automated and Manual Target Enumeration
- Remediation Recommendations
- Comprehensive Reporting
- Manual Exploit Validation
Private Sector
Ankura Global Consulting
Ankura engaged SparkC to conduct quarterly external penetration testing and scanning as part of their compliance and IT security obligations for fiscal year 2022. Throughout each quarter, SparkC diligently performed external penetration testing, uncovering genuine exploitable vulnerabilities and ensuring compliance with regulations and industry best practices. With Ankura's extensive global footprint, our team was tasked with assessing over 200 IP addresses. Our approach to external penetration testing encompassed the utilization of automated tools such as Qualys Security, alongside manual penetration testing techniques, followed by comprehensive remediation reporting.
Services Provided :
- Wireless Penetration Testing
- Web Application Penetration Testing
- Risk/Vulnerability Assessments
- Penetration Testing
- Automated and Manual Target Enumeration
- Remediation Recommendations
- Comprehensive Reporting
- Manual Exploit Validation
Healthcare/Hi-Trust Support
United HealthCare/HCD International
Upon securing a sizable contract from United Healthcare Insurance Plans, which mandated HCDI to oversee PHI data analytics, they engaged SparkC to implement continuous monitoring, internal and external penetration testing, reporting & remediation, and patch management deployment. Collaborating directly with the IT team, our initial phase involved conducting an external vulnerability scan to evaluate network security status. Subsequently, our team identified internal vulnerabilities and furnished remediation reports to the HCDI IT Team. Following this, we deployed virtual cloud agents using the Qualys tool for internal penetration testing, ensuring comprehensive visibility into vulnerabilities. After analyzing internal scan results, we convened with the HCDI IT team for a remediation meeting, providing detailed reports and expert insights. We conduct daily scans on all endpoints to detect Level 5 and 4 vulnerabilities and promptly deploy available patches.
Services Provided :
- Wireless Penetration Testing
- Web Application Penetration Testing
- Database Penetration Testing
- Network Penetration Testing
- Risk/Vulnerability Assessments
- Penetration Testing
- Compliance Management
- Training & Readiness