| |
| Putting
Your Business First | Security
isn't just about security, it's about your business. We've been in your
world, shared your experience. |
| Weighing
People and Practices, not just
Technology | Security
is more than technology. A great infrastructure isn't enough. Improving
behavior, awareness, and training is essential. |
| Using
Industry Standards as the Foundation | Our
work is built on the solid foundation of standards of good practice
such as ISO17799, National Institute of Standards (NIST), and Control
Objectives for Information and related Technology (COBIT). |
| Using
Tools That Are Industry Tested | We
use only techniques and technologies that have been generally accepted
in the industry. For
specific information about the technology products and brands that we
use, please see Software, Solutions and Tools. |
| Looking
Beyond Your Firewall | We
look at connections your business has to make sure relationships don't
increase your risk. | |
Egypt,
Arabian Gulf States & the Greater Middle East |
We
offer Security Solutions to our clients in the greater Middle East that
address the particular needs and challenges of business in the region.
Learn more... |
| Next Steps |
To
talk with us about security and your business, call (860) 859-3564
(U.S.) or visit the Middle
East. You can also submit
your inquiry online.
Or, see the Security
Consulting Services Overview. |
We
Put
Your Business First
Security
Isn’t Just about Security, It’s about Your Business
We look at your organization as a whole to determine the
impact a
security or compliance failure might have on your operations, your
reputation, and your business objectives. Sometimes we evaluate an
entire enterprise, sometimes just a discrete program - but we always
look at the effect of security and compliance on your organization’s
mission.
We’ve
Been in Your World, Shared Your Experience
We’re professionals who’ve actually experienced the importance of
security and compliance to a business. We are IT security professionals
who’ve worked in the financial industry, commercial enterprises, and
worked with law enforcement. Our Security Consultants are
Software Engineers trained in Information Security. They understand
systems architecture. They see the whole picture.
Back
to top
We
Give People and Practices as Much Weight as Technology
Security
Is More than Technology
Most problems
we uncover are every bit as much organizational as they are technical.
Part of our approach is a thorough examination of your technical
infrastructure. But even a great infrastructure isn’t enough.
We also scrutinize:
- Your security and
compliance policies
- Your actual
practices
- Your business
processes
- Your IT processes
- Your staff’s
understanding and observance of your policies and practices
Improving
Behavior, Awareness, and Training Is Essential
We never recommend technical improvements without also considering
organizational changes that will make them effective. We value actions
by their consequences. We identify weaknesses in your security
policies and practices that are endangering your security or
compliance. We can help train your staff to understand improved
policies and practices so they’re equipped to follow them. We can also
help them become more aware of threats so they’re constantly on
guard.
Back
to top
We
Use Industry Standards as the Foundation of Our Work
When all industries are required
to adhere to the same rigorous compliance mandates, and suffer the same
security threats, they work together to evolve and standardize best
practices. The result is accepted practices of proven value. Our work
is built on the solid foundation of standards of good practice such as
ISO 17799, NIST, COBIT, and Basel II. You can have confidence in the
assessments we conduct and the recommendations we make because we’re in
effect benchmarking you against every other business in your
industry.
Back
to top
We
Use Tools and Techniques That Are Industry Tested
The tools we use are every bit as
important as our expertise and our approach. Our techniques and
technologies - both open-source and commercial - are generally accepted
throughout the security industry.
Technologies we
use
include:
- Network-based
vulnerability scanners
- Web-server
vulnerability scanners
- Web-application
vulnerability scanners and assessment tools
- Database
vulnerability scanners
- Penetration
testing tools and exploits
- Packet sniffers
and intrusion detection software
- Policy and
compliance checking software
- Scripts and tools
to dump and analyze security device configurations
- Code review
stratification and analysis tools
- Computer
forensic
imaging and analysis technology
- Network forensic
data capture and analysis tools
For specific
information about the technology products and brands that we use,
please see Software, Solutions and Tools.
We test and evaluate every tool
before using at a customer’s site. We’ve also developed workflow tools
- such as databases for assessment results. They let us work faster and
smarter - and tailor our findings to your business.
Back to top
We
Understand That Security Extends Beyond Your Firewall
We understand that you’re not an
island - that you partner with other businesses that play an essential
part in your enterprise. We understand that security is more than just
what’s inside your firewall. We focus on the bigger picture. We look at
the connections your business has with other companies to make sure
that any relationship doesn’t increase your risk or threaten your
compliance.
Back
to top
|  |
