Presentation is loading. Please wait.

Presentation is loading. Please wait.

About Us Vulsec’s security experts deliver versatile tactics tailored to arm your IT department in the fight against hackers. We assess your organization.

Published byJane Hamilton Modified over 8 years ago

Similar presentations

Presentation on theme: "About Us Vulsec’s security experts deliver versatile tactics tailored to arm your IT department in the fight against hackers. We assess your organization."— Presentation transcript:

1

2 About Us Vulsec’s security experts deliver versatile tactics tailored to arm your IT department in the fight against hackers. We assess your organization to uncover the risks threatening your data, and the shortcomings of your Information Security Program (ISP). Vulsec’s accomplished team is equipped to provide you with their unsurpassed skills in the fields of: Social Engineering, Penetration Testing, Simulated Attacks, Mobile Device Risk Assessments, and Enterprise Risk Assessments. Our satisfied client list includes: Financial Institutes, Power Plants, Hospitals, Casinos, Restaurants, Hotels, Grocery Stores, and Retail Chains.

3 Our Partners Vulsec created a partnership network to introduce industry leading cyber security initiatives. We transform your IT department into a state-of-the-art defense mechanism to combat hackers. We make unbiased, vendor neutral recommendations and provide exclusive access to our vetted partner network. Our promise is to find the data and protect the data. Our clients are able to acknowledge an attack, mitigate an attack, and remedy vulnerabilities to keep critical assets safe.

4 In The News “Small businesses can’t afford to keep their head in the sand and think that hacking is only a problem the big companies face. All businesses need to understand their vulnerabilities, and realize that what they may not know now can have an incredibly detrimental impact later….” – Small Business Opportunities December 7 th, 2015 http://www.sbomag.com/2015/12/how-to-avoid-getting-hacked/ “Big companies “should” have the resources to realize, relatively quickly, when a security breach has occurred. However, these infrastructures are complex because secure architectural engineering has not happened before growth….” – Boston CityBizList November 2 nd, 2015 http://boston.citybizlist.com/article/311580/interview-with-andrew-ostashen-vulsec-llc “Most employees are not properly trained in the subject of identifying threats to the company infrastructure, or how to respond to them. Given the numerous techniques a hacker could employ – from rummaging through a dumpster to collect improperly discarded documents to showing up at a place of business as a contracted technical employee and gaining access to the main servers – comprehensive educational programs that train employees in detecting and responding to hacking threats are imperative….” – Banker and Tradesman October 26th, 2015 http://www.bankerandtradesman.com/2015/10/yes-it-can-happen-to-you/

5 The Security Life Cycle Vulsec’s Security Life Cycle (SLC) was meticulously designed to be customizable for all industries in order to successfully find the data and protect the data.Security Life Cycle (SLC)

6 Phase 1 Enterprise Risk Assessment What are the risks associated with the flow of data in the organization? Vulnerability Management Continuous Vulnerability Security Assessment. External Network Security Assessment Can the outside world get into the organization’s corporate network? Remote Social Engineering (Social Media Recon, Email and Phone Calls) Are employees giving out sensitive information? Managed phishing service. Physical Security Assessment Is the data center and data secure from unauthorized users? Wireless Security Assessment Are guest wireless users able to access the corporate network? Mobile Device Risk Assessment Is there corporate data going throughout employee’s mobile devices?

7 Phase 2 Internal Penetration Testing Is my organization able to determine if we are breached? External Penetration Testing Is an attacker able to breach perimeter security to access the corporate network? Spear Phishing What would happen if an employee downloaded a malicious attachment? Are the organization’s employees aware of phishing tactics? Physical Social Engineering Can an unauthorized user breach the organization’s buildings perimeter security? Is the organization’s data center safe from a physical breach? Wireless Penetration Testing Can an attacker utilize a broadcasted wireless network to gain access to the corporate network? Does the organization’s ‘Bring Your Own Device’ BYOD policy increase the organization’s risk of data compromise? Mobile Device Penetration Testing Vulsec will drop malicious QR codes, send corrupt SMS messages, and have users install deceptive mobile applications.

8 Phase 3 Simulated Attack Vulsec will perform a series of attacks that simulate real world scenarios. This allows the organization to practice how to acknowledge an attack, mitigate an attack, and remediate the vulnerabilities. This is similar to a ‘Capture the Flag’ scenario with your organization. Vulsec is trying to find data through simulated attacks while your IT department is defending the infrastructure. Threat Simulation Vulsec will setup hand-crafted scenarios for your organization based on your goals. Assess security levels of corporate access with VPN credentials. Installation of malware on employee workstation. Standard user credentials provided to test privilege escalation.

9 Niche Services Cyber Security Due-Diligence Is the organization you are acquiring have their intellectual property breached? Does malware have a foothold within the organization? Point of Sale (PoS) Risk Assessment Can your PoS network be breached from within the internal network? Are your PoS terminals susceptible to a breach? Medical Device Risk Assessment Are the medical devices deployed throughout the infrastructure leaving your organization at risk? Where are the medical devices located throughout the infrastructure? Casino Gaming Network Risk Assessment Is your casino designing a new game room or building a new casino? Vulsec can simulate your entire network to conduct assessments against a mirrored copy.

10 Vulsec Remote Security Appliance - VRSA Vulsec has developed a Remote Security Appliance (VRSA) that can be shipped and utilized for on-demand assessments. This option saves our clients $$ by providing personalized service with zero engineer travel expenses. Purchase hours or projects in advance for on-demand assessments through our VRSA. Virtual Environment Risk Assessment IT Polices and Compliance Assessment PII (Personally Identifiable Information) Gap Analysis System/ Network Secure Image Hardening Assessment Phishing Campaigning and User Awareness Training Organizational Malware Health Check Sensitive Data Identification Mechanism

11 Thank You & Contact Us! Address: 30 Newbury St, Boston, MA 02116 Telephone: 617-648-9815 Fax: 617-648-9819 Email: info@vulsec.com Linkedin Vulsec Linkedin Andrew Ostashen Facebook Twitter www.vulsec.com

Download ppt "About Us Vulsec’s security experts deliver versatile tactics tailored to arm your IT department in the fight against hackers. We assess your organization."

Similar presentations

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.

A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.
Overview 4Core Technology Group, Inc. is a woman/ veteran owned full-service IT and Cyber Security firm based in Historic Petersburg, Virginia. Founded.

Overview 4Core Technology Group, Inc. is a woman/ veteran owned full-service IT and Cyber Security firm based in Historic Petersburg, Virginia. Founded.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
K E M A, I N C. Current Status of Cyber Security Issues 2004 Keynote Address Joe Weiss January 20, 2004.

K E M A, I N C. Current Status of Cyber Security Issues 2004 Keynote Address Joe Weiss January 20, 2004.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
November 2009 Network Disaster Recovery October 2014.

November 2009 Network Disaster Recovery October 2014.
 Jonathan Trull, Deputy State Auditor, Colorado Office of the State Auditor  Travis Schack, Colorado’s Information Security Officer  Chris Ingram,

 Jonathan Trull, Deputy State Auditor, Colorado Office of the State Auditor  Travis Schack, Colorado’s Information Security Officer  Chris Ingram,
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
K E M A, I N C. NERC Cyber Security Standards and August 14 th Blackout Implications OSI PI User Group April 20, 2004 Joe Weiss

K E M A, I N C. NERC Cyber Security Standards and August 14 th Blackout Implications OSI PI User Group April 20, 2004 Joe Weiss
1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.

1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.
Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:

Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Did You Hear That Alarm? The impacts of hitting the information security snooze button.

Did You Hear That Alarm? The impacts of hitting the information security snooze button.
2011 / 9/11/2015 2 S V E Security for Virtualized Environments The first comprehensive security solution for.

2011 / 9/11/ S V E Security for Virtualized Environments The first comprehensive security solution for.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
Chapter 4.  Can technology alone provide the best security for your organization?

Chapter 4.  Can technology alone provide the best security for your organization?
This is the best Power Point Template ever. It comes with over 5 styles of colors and include lots of features. Serving New England Businesses Since 1988.

This is the best Power Point Template ever. It comes with over 5 styles of colors and include lots of features. Serving New England Businesses Since 1988.

Similar presentations

Ads by Google