logo_page.png

SECURITY 

OFFERINGS

CYBER INTELLIGENCE

OPEN SOURCE DIGITAL NETWORK INTELLIGENCE (OS-DNI)

  • Social Media

  • “Google Hacking”

  • Image EXIF Data

CONTINUOUS MONITORING

  • Security Background

  • Asset Tracking and Monitoring

  • Target Tracking and Monitoring

ELECTRONIC INTELLIGENCE (ELINT)

  • Cell-phone monitoring

  • Radio/CB/walkie-talkie monitoring

  • Other RF communications

HUMINT

  • Spear-phishing

  • Social Engineering

  • Interrogations (subtle info extracting, not snatch and grab)

TRAINING

  • How to do all of the above

  • Creating Consistent Intel Reports

  • Creating Actionable Intel Reports

  • Reading Actionable Intel Reports

ATTACK

Please note that most of this will not be offered to the general public or foreign governments

PenTesting

  • Physical

  • Social

  • Computer – Internet

  • Computer – Close Access

  • PCI Security Audit

  • General web security

  • Database Security

  • Cross Site Scripting

Hacking

  • Fuzzing

  • Determining if a crash is exploitable

  • 0-day generation

  • Stage 1 installers

  • Stage 2 installers

  • Command and Control Networks​

Specialized

  • Cell Phone

  • Wireless (802.11, Zigbee, and others)

  • SCADA​

Training

  • Intelligent filtering part 2: You know that each end point device has a limited command set, and responds at a given data rate. Flag/report/log anything that deviates.

DEFENSE

Operations Centers (SPOC)

  • Security Operations Center (SOC)

  • Network Operations Center (NOC)

  • Threat Operations Center (TOC)

  • Mission Operations Center (MOC)

  • Single Point Operations Center (SPOC)

Table Top Exercises

  • Red Force / Blue Force Exercises

  • Scenarios​

Custom *OC Development

  • Facility

  • Tools

    • Commercial

    • Custom

  • Training​

Managed Security Services Entire Defense Team

  • Intelligent filtering part 2: You know that each end point device has a limited command set, and responds at a given data rate. Flag/report/log anything that deviates.

Specialized

  • Custom Artificial Intelligence Solutions

  • SCADA solutions

  • Social Engineering

  • Operational Security

  • Situational Awareness

  • Behavior Analysis​

HIGH ASSURANCE

This is often referred to with a number of names. Some of which means High Assurance, most of which are describing one aspect of High Assurance. The bottom line is that High Assurance is “provable security”

Terms

  • Multi-Level Security (MLS)

  • Mandatory Access Controls (MAC)

  • Trusted Computing (TCS)

  • Cross-Domain Solutions

  • Data Diode​

Standards

  • Rainbow Series (A1 through D )

    • Particularly the Orange Book 5200.28-STD “DoD Trusted Computer System Evaluation Criteria

  • Common Criteria (The EAL levels 7 through 1)​

Solutions

  • Customized solutions for firewalls

  • Customized solutions for SCADA

  • Customized solutions for cellphones​

FORENSICS

Police Investigations

  • Trafficking

    • Child

    • Drug

    • Weapons

  • Gangs

  • Terror Networks

  • General crime​

Attack

  • Intel Gathering

  • Planning support​

Defence

  • Incident Response

  • Background Investigations​

High Assurance

  • Verification of Installation/Configuration

It is used to support all aspects of computer security in one manner or another.

TRAINING

Training is called out specifically here not because we have select courses, but because we don't. We provide customized training based on unique customer needs, situation, and tools. You do not come to us because you want a Java certification, or Security+, or some SANS certification, or CISSP. You come to us because you need this one thing from Security+, these four things from these three SANS courses, and another thing that you have not seen anyone offering.

As an example: You don't come to us to get a class in how to do Network monitoring with a SIEM. You come to us because you want a class on how to use the SIEM that YOU HAVE on the UNIQUE network that you have with the problems and issues that ONLY you have. We will create a customized course (or set of courses, depending on how many students, and how complex the topic(s)) This will include not only how to use the tool, but what it is telling you, and where to go next. How to write proper reports for a hand-off that someone else up the chain can read, understand, and act upon.