Capabilities

Assessments

PURPLE TEAMS

Our Red and Blue Teams work side by side with yours to improve testing, detection, and response capabilities.

ADAPTIVE RED TEAMS

Our Red Team objective is to identify the path(s) of least resistance from the perspective of a malicious outsider that is targeting specific high-value information and privileged access on the internal network.

NETWORK PENETRATION TESTING

Assess the security on your external, internal, and wireless networks.

APPLICATION SECURITY

Black box, Gray box, and White box application testing.

SOCIAL ENGINEERING & SPEAR PHISHING

Targeted emails and phone calls test the security awareness and response of your employees.

PHYSICAL SECURITY PENETRATION TESTING

Assess the effectiveness of the security controls at your facilities, headquarters, and storefronts.

GRC and Strategy

NIST CSF and ISO 27k Cybersecurity Risk Assessments

We have significant experience leading gap analyses and providing recommendations to better align with these leading frameworks.

Cybersecurity Roadmaps

Comprehensive recommendations for multi-year improvements across people, process and technology dimensions.

Data Risk Assessment and Data Security Strategy

Identification, classification and mapping of sensitive data, followed by risk assessment and controls improvement.

Vendor Risk Programs and Co-sourcing

We help build and staff programs to manage third party risk.

PCI QSA Audit and Scope Reduction

We help prepare companies for audit, certify them, design and implement scope-reducing strategies.

GRC Platform Implementation, Management, and Support

Assistance with selection, implementation, upgrades, core solutions and reporting.

Threat Management

Our “Blue Team” Consultants are dedicated to improving your defenses by selecting the right new controls and helping you get the most out of what you already have through expert engineering and process design.

Emerging Tools Selection

Comprehensive, vendor-neutral comparisons of leading SIEM, User Behavior, Endpoint, Data Protection, and Network Monitoring platforms to help you choose a best-fit solution for your unique environment.

Security Architecture, Engineering and Implementation

Expert security architecture and engineering skills that work with your IT teams and stakeholders to coordinate global implementations of leading security tools: SIEM, User Behavior, Endpoint, Data Protection, NGFW, Network Monitoring, Orchestration, and Privilege Management.

Incident Response and Table Top Exercises

Incident Response support, simulations and Incident Response Workflow (IRW) process design.

Forensics

Certified investigators can help identify, document and respond to malware, data breach, or other malicious activity.

Cyber SOC

To keep our quality high, we intentionally serve a focused portfolio of CyberSOC clients, and we only take on a limited set of new clients every year. This service is for organizations that want a highly integrated service.

Monitoring

We watch, investigate, and create Incident Reports that detail the type and scope of attacks, recommended remediation procedures, and a plan to reduce exposure.

Notification

We provide Incident Reports through a client’s native ticketing platform, email notifications, and texts/phone calls based on a custom IRW.

Hunting

We use emerging techniques to conduct outlier analysis and heuristics-based identification of targeted, persistent attackers.

Alerts Engineering Tuning

We create deep search rules to identify anomalies and suspicious events. We focus on high risk systems, user groups and emerging attacker techniques.

Remediation Assistance

We help execute and scale remediation plans, work within your tools to help remediate incidents, and coordinate teams to action defined procedures.

Reporting

We consistently document ticket closure, mean-time-to-respond, and related metrics. We document monthly Executive Summary Reports to review overall attack trends and needs.

Innovations

Intro

We believe in contributing to the community and in DevSecOps principles. We have also developed these security solutions in-house to assist our consultants, our clients, and our colleagues.

VECTR™

VECTR™ is the first platform designed to facilitate truly collaborative Purple Teams improvement simulations between your Red Team and CyberSOC. This freeware enables you to document attack methods following a standard kill chain, measure the effectiveness of your defensive tools and create meaningful CyberSOC improvement metrics.

Capabilities

  • Real-time activities tracking for Purple Team Simulations
  • Contains test plans for full kill chain assessments or custom campaigns
  • Maintains view of red team arsenal and blue team garrison
  • Visual interface for stakeholder-engagement and spectators
  • Reports organized by kill chain stage or campaign gaps, over time

BEEP™ for Executive Cyber Protection

BEEP™ is instant cyber security response with the push of a button.  BEEP is an IoT button configured to notify a 24×7 CyberSOC team that an executive needs help!  It enables you to provide white glove service to the people approving your budget. If executives have been attacked, hacked, or exploited, they simply push the button to kick off an investigation and remediation.  Your CyberSOC or ours.

Capabilities

  • IoT button, iPhone and Android apps
  • Integrates with your ticketing system
  • Workflow is customized per individual executive, if needed

OSINT

The open source intelligence engine includes search, workflow, and reporting to monitor organization and executive data security risks.

Capabilities

  • Modules include: Web Recon, Custom Search, DNS Recon, Google Hacking, GitHub API, Social Media
  • Customizable search profiles
  • Flexible search module/plugin framework
  • Job Scheduling
