Cyberkong uses a security assessment process that involves an intensive study and analysis of the client’s operational status. We then create a tailored plan that adheres to public and private sector industry compliannce criteria to include but not limited to:

  • Health Insurance Portability and Accountability Act (HIPAA)
  • ISO 27000 series
  • Gramm-Leach-Bliley Act (GLBA)
  • DoD Policy 8500 Series
  • Federal Information Security Management Act (FISMA)
  • NIST's SP 800 series
  • Control Objectives for Information and related Technology (COBIT)
  • Homeland Security Presidential Directive(s) (HSPD)
  • D/CID 6-4 Requirements
  • Defense Information Assurance Risk Management Framework (DIARMF)
  • OMB Circular A-123/A-130
  • Federal Information Processing Standards


Cyberkong will conduct black box and/or white box testing in accordance with prescribed rules of engagement to identify and exploit vulnerabilities identified on a non-interference basis if feasible. Utilization of industry validated hacking tools, techniques, and procedures for conducting security assessments, and perhaps, a few custom ones, should be expected!