|
--------------------------- ---------------------------
|
Eric Cole ********************************** Consulting Services ********************************** Based on his extensive experience in industry Eric's offers a wide range of high end consulting on a range of Network Security Topics. Some of the many areas of services are: Products
Assessments assess the security of a company from all aspects including physical, network, personal, host, policy, etc. Full assessments look at the company from an external and internal perspective, with the goal of identifying potential issues and giving companies a roadmap to fixing the problems. Assessments could also be specialized in nature, for example firewall assessments. Network Security Assessment
Network Assessment
Perimeter Assessment
Penetration Testing assess the security of a company from a hackers perspective. In this day and age more and more companies are concerned about the threat of their assets to a hacker. This testing looks at the security vulnerabilities purely from an external standpoint.
Penetration Test
External Scan
External Scan and Probe
Firewalls/Perimeter firewalls play a key role in the protection of most companies, yet most companies do not have them designed or configured correctly.
Firewall Assessment
Firewall Design and Implementation
Firewall Re-Design and Configuration Intrusion Detection more and more companies and concerned with being able to detect an intruder that his trying to do damage to their site. Setting up an intrusion detection system (IDS), requires a lot of skill and must be configured correctly, otherwise the number of false alarms is unbearable.
Network Profile Intrusion Detection Design and Implementation Encryption, VPN and PKI the proper use of encryption, plays a key role in defense in depth and securing the resources at a company. Yet most companies do not configure or use encryption properly to protect their corporate assets.
Encryption Assessment
VPN Design and Implementation PKI design and implementation Security Architecture more and more companies are starting to realize the importance of security, but they still think of it as an afterthought. Securing a network is more than just putting in a firewall. A network must be designed with security in mind, otherwise it will provide minimal protection.
Network Assessment
Network Security Blueprint
Design and Implementation of New Secure Networks
Re-design and Implementation Incident Handling incidents occur when companies least suspect and most companies are not prepared to deal with an incident that could jeopardize the success of their company. Being able to handle an incident, requires skills and expertise.
Incident Assessment
Incident Handling Retainer
Build out of Internal Team Policy Development most companies do not understand the importance of having a clear security policy and therefore either do not have a policy or have a confusing unenforceable policy. Policy development
Policy review and Re-design Site certification with the rise of the Internet, companies realize the importance the Internet plays in their on-going success. They also realize the risk the Internet poses. Therefore they want to know if their site is secure. There is no such thing as 100% secure, but a site can be analyzed against a set of security requirements to see how well they meet those requirements.
Requirement Generation
Site Certification
Follow-on Certification
Certification Recommendations and Implementation Risk Analysis companies that want to succeed in this current market, cannot reduce all of their risk, but they must know how to mitigate risk. By clearly understanding, what is important to a company, proper security measures can be put in place to protect those key assets. Risk Analysis
Risk Reduction Implementation Training/Seminars large and small companies a like need in house expertise to be able to maintain a proper level of security. General security training is available through many sources and is very good. Specialized training for certain markets or detailed technical training is harder to come by and is in great demand. Also, training is a great way to increase the customer base.
Hands on Hacking
Protecting Your Site by Hacking Into it
Security Issues for Financial Companies
Security Every Executive Should Know Expert Consulting In certain cases companies need specialized security help. If the consulting is high end and could lead to possible follow-on work, than it can be used as a good opportunity to increase the depth of our current staff.
Daily Consulting
Weekly Consulting Managed Services (Monitoring)
Perimeter (Firewalls and Routers) any external attacker that is going to breach a company, has to breach the perimeter security. Therefore, careful monitoring of the perimeter of a company can provide invaluable information to detecting and preventing an intruder from compromising a companys assets.
Firewall Managed Services
Router Managed Services Intrusion Detection as more and more companies understand the threats posed by attackers, they understand the need for intrusion detection systems (IDS). Unfortunately, they are very hard to configure and require constant care and feeding.
Intrusion Detection Managed Services Network
Intrusion Detection Managed Services - Host Servers the range of devices that incorporate the security perimeter of a network, range from hardware devices to dedicated servers. Therefore, the servers that are providing security services must be protected.
Server Managed Services
Email Managed Services
Web Managed Services Subscriptions
Weekly advisories the earlier a company finds out about important information, the more useful the information is to the security of the company. Weekly/daily advisories highlighting key information that can be used to protect a site can be invaluable. -
Weekly Security Update - High Priority Hacker Alert Company watch a large amount of information that attackers use to compromise a site is found in open source information. Yet most companies do not realize what information can be found out about them, or the type of information they inadvertently give out. -
Monthly Company Profile -
Monthly Company Profile and Risk Analysis Vulnerability list new vulnerabilities come out on a daily basis and keeping track of them is very difficult. Also, in most cases since a company is running only a limited set of hardware, only a small percentage of the vulnerabilities actually impact their company. Having a service that notifies a company of the vulnerabilities that impact their company would be very important.
Network Profile
Daily Vulnerability Update Vulnerability Scans since a company is constantly changing, the vulnerabilities that impact the network are also changing. Therefore periodic assessments of the company can help highlight key areas that need to be fixed to maintain a secure environment.
Quarterly Assessments. Monthly Vulnerability Scans
On-Demand Vulnerability Scans
|
|