Cyber Risk Assessments


Be proactive to protect your bottom line.

Quickly discover your vulnerabilities.

We cover all your needs for comprehensive security risk assessments, technical assessments and custom assessments.
Our approach is proven faster and more comprehensive, and we’ll stand by you in an audit.

Information and Cybersecurity Standards

Third Rock has expertise in the following compliance standards and regulations.

Healthcare – HIPAA
Healthcare – HIPAA Audit Protocol
Financial/Insurance – NYDFS
Insurance – NAIC 668
International – GDPR
Cyber/Defense – NIST SP 800-171
Cyber – CCPA

Technical Assessments

Third Rock can map the entire flow of your protected information (data) through your organization.

Protected Information search and scans
OS Vulnerabilities and Compliance scans
Network Vulnerabilities scan
Penetration Testing
Network Communication scans
Code Reviews

and more to assure your valuable data is protected

    Custom Assessments

    Third Rock creates the custom assessments you need to assess clients or vendors and improve cyber security. For example:

    Agreement/Contract Review and Audits
    for legal and financial protection

    Due Diligence Assessments
    to understand cyber risk status

    Merger and Acquisitions Assessments
    establish risks prior to purchase or merger 

    Vendor Verification Assessments
    understand exposures with third parties 

    Powered by 

    and backed with Fortune 50 experience.

    Third Rock now offers an affordable NYDFS solution to get compliant by the April 15, 2020 deadline!

    Cybersecurity Scans

    Third Rock offers the most comprehensive suite of scans.

    OS Vulnerability & Compliance 

    • Over 300 action items tested.
    • Cyber Security Rapid Repair Guide.
    • Top priority issues outlined to quickly harden your systems and network.

    Network Discovery & Inventory

    • Inventory of all devices connected to network.
    • Basis for sensitive data flow diagram.

    Network Vulnerability

    • Exposes weaknesses of computers and network devices on the local network.

    Network Penetration Testing (External)

    • Industry-standard methodology and tools.
    • Exposes weaknesses in firewalls and access to network(s).

    Sensitive Data Security

    • Scans computer and network storage for unencrypted sensitive data.
    • Includes PII, PCI, HIPAA.
    • Report identifying unencrypted data.

    Communications Security

    • Checks proper configuration of secure connections.
    • Includes SSL and TLS standards.
    • Report including corrective actions.

    Phishing Risk Assessment

    • One-time or quarterly training package.

    Source Code Security

    • Scans source code for security issues.
    • Identifies potential issues with the code.

      Get your FREE Cyber Risk Score in less than five minutes with Cyber Quick Check.

      Let us help you get

      Cyber Confident
