SECURITY ASSESSMENT & AUDITS
Our work in IT with businesses, CPAs and Law Firms gives us comprehensive experience with security matters across a wide spectrum of businesses. We have conducted numerous assessments & audits for business clients across a wide spectrum formal audit and test requirements and we are comfortable formulating action plans that can be presented succinctly to the board of directors.
INTRUSION DETECTION & SURVEILLANCE
In approaching a large scale organization with complex network and node topologies we leverage a strong set of cyber securities tools. Chiefly, we implement Snort across Linux and Windows server implementations for intrusion prevention with real-time traffic analysis and packet logging. The tool will be utilized to perform protocol analysis, content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes.
We employ several advanced algorithmic solutions and data dashboarding to monitor and escalate threat reporting. Advanced Threat mitigation via Nessus allows for the integration with malware defenses, patch management tools, BYOD, firewalls, cloud infrastructure and virtualized systems.
CYBER INCIDENT FORENSICS
Our work with Law Firms in the role of technical litigation support has given us exposure to technical matters from a forensic aspect. Most of this work is around making sense of log files and reconstructing the chain of events, as observed from the point of view of the network, server or application, and presenting those findings to the law firm for the purposes of litigation.
BLACK & WHITE BOX TESTING
Blackbox & Whitebox testing are key features of security verification. There is no better way to verify that best practices are being followed and that there is adequate coverage of the contingency plan than by leveraging tools, software and scripts that would be used by black-hat attackers to compromise your operation. Our whitebox analysis helps us narrow the scope of work necessary to provide adequate security coverage, and our blackbox testing methodology helps ensure there are no gaps in the security plan implementation.
DISASTER PLANNING & RECOVERY
Disaster Planning & Recovery is something we bring to every client’s attention. As a general rule, the NIST checklist on contingency planning/disaster recovery is the starting point we have used with all of our clients in order to implement a disaster recovery plan.