Embedded Files
What we look at
What we look at
Perimeter
Perimeter
- Segmentation Analysis
- Infrastructure Analysis
- Cloud/IAAS/PAAS Review
Assets
Assets
- Discovery Scans
- Web Property Analysis
- Vulnerability Scanning
- Penetration Testing
Users
Users
- Identity and Access Management
- Awareness Training
- Physical Security Analysis
Engineering
Engineering
- Architecture Reviews
- Code Reviews
- Static Code Analysis
- Secure Development Processes
- Secure DevOps
⇣
⇣
Why?
- Is your perimeter well defined?
- Is it actually secure?
- Are your expectations correct?
⇣
⇣
Why?
- What is important to you?
- "Unknown" assets?
- Correct budget allocation?
⇣
⇣
Why?
- What is your user population?
- Cyber security savvy users?
⇣
⇣
Why?
- Is your architecture vulnerable?
- Outdated frameworks/packages?
- Security conscious developers?
- OWASP Top 10?
- Credentials in the open? GIT?
What we deliver or implement
What we deliver or implement
Deliverables & Implementations
Deliverables & Implementations
- Prioritized Cyber Security Report
- Virtual CISO Services (including policy guidance)
- Cyber Security Gap Analysis
- Shelf-ware Analysis
- Deploy a cyber "program" (SIEM, IVS, Endpoint, ...)
Recurring/Continuous Monitoring (Coming soon ...)
Recurring/Continuous Monitoring (Coming soon ...)
- Log Aggregation
- Audit Events
- Periodic Vulnerability Scanning w/SIEM-like integrations
- Asset and User Behavior Analysis
- Custom Correlations
⇣
⇣
Why?
- What should be fixed and in what order?
- Help with interim CISO responsibilities?
- What you already have vs. what should be added and/or updated?
- Do you have products that you've bought but are sitting on the shelf?
- Need expert implementation help?
⇣
⇣
Why?
- Cyber security doesn't end with an assessment, but starts there!
- If a new server or a new open port showed up in your environment, would you know about it?
- If a server starts emitting 5X the amount of logs, would you know?
Report abuse