Define: Information security audit?
An information security audit is an audit on the level of information security in an organization. Within the broad scope of auditing information security there are multiple types of audits, multiple objectives for different audits, etc. Most commonly the controls being audited can be categorized to technical, physical and administrative. Auditing information security covers topics from auditing the physical security of data centers to auditing the logical security of databases and highlights key components to look for and different methods for auditing these areas.
Top Security Auditing Companies and Solutions
This article showcases Threat.Technology’s top picks for the best Security Auditing solutions. We selected these companies for exceptional performance in one of these categories:
- Innovative ideas
- Innovative route to market
- Innovative product
- Exceptional growth
- Exceptional growth strategy
- Societal impact
DANAConnect is the ideal communication automation platform for the financial ecosystem. In addition to smart flows and cutting-edge cross-channel technology, DANAConnect adds features specifically designed for the financial industry to ensure security, governance, compliance, and auditing.
DANAConnect combines emails, SMS, calls, push notifications, web forms, landing pages, and dynamic documents to automate the customer’s life cycle, emphasizing security at all times.. .
Cellopoint designs information security and email lifecycle management (ELM) products. We specialize in anti-spam, anti-virus, encryption, auditing, compliance and archiving solutions for email.
Cellopoint was founded in 2003. The leading team is composed of computer scientists with a wealth of experience in the industry.
Cellopoint collaborates with customers and partners from around the world to develop innovative products and solutions based on their requirements and forward-thinking concepts.. .
SailPoint Technologies, Inc. develops identity governance software in the United States.
The company’s software integrates role management, access request management, and compliance management solutions that help enterprises to capture control over user access to streamline IT compliance processes and reduce the risks of fraud. Its products include IdentityIQ, which is an identity governance solution that gives enterprises the visibility into and control over user access and streamlines complex processes; IdentityIQ Compliance Manager, which integrates access certification, policy enforcement, and activity monitoring capabilities and automates the auditing, reporting, and management activities; and IdentityIQ Role Manager that helps organizations to create, enforce, and verify role-based access in enterprise applications.
SailPoint Technologies, Inc. was founded in 2005 and is headquartered in Austin, Texas..
Full-service IT firm and Managed Service Provider specializing in Networks, streamlining business operations, maintaining continuity, eliminating downtime and cutting operational costs for our clients. Here are just some of the IT services we offer: • Network Engineering, Server, Microsoft Exchange support and traditional on site Network and PC break/fix services.
• As an MSP with our own Data Center, we offer the full array of proactive, preemptive Managed Services, including complete Server and real-time network monitoring, network security, patch management, network hardware health analysis, software and security threat monitoring. We prevent costly down-time by identifying potential issues early on, well before they become a server or network issue or crisis.
Keeping our client’s IT infrastructure running smoothly and efficiently, while delivering cutting-edge, cost-effective technologies is at the core of our mission. • Server, firewall and switch installation; network migration and upgrades – including on-site, telephone and Remote IT support.
• Microsoft Exchange server and full e-mail support services including secure endpoint protection. • Disaster recovery solutions, including real-time Server and Network replication, business continuation, secure, encrypted data backup and recovery in our local Data Center.
• Small Office wiring, complete building network wiring and wireless network installation. • Secure, encrypted e-mail, secure, encrypted storage and web hosting.
• Microsoft server and Exchange server, seamless migrations and upgrades. • IT Project management, complex multi-site deployments, cloud server and storage solutions.
SBS CyberSecurity, LLC
SBS CyberSecurity, LLC (SBS) is a premier cybersecurity consulting and audit firm. Since 2004, SBS has been dedicated to assisting organizations with the implementation of valuable risk management programs and to mitigating cybersecurity risks.
The company has provided cybersecurity solutions to over 1,500 organizations across the United States and abroad. SBS delivers unique, turnkey solutions tailored to each client’s needs, including risk management solutions, auditing, and education.
SBS CyberSecurity empowers customers to make more informed security decisions and trust the safety of their data.. .
Swiftsafe with a visionary of securing the digital world was founded with a team of expertise infosec professionals to deliver end to end cybersecurity and cyber forensic services across the entire digital world. We offer our services with a unique approach for each confronted company, which will help to detect & secure from various types of cyberattacks with our active research on advanced level threats by using threat intelligence along these various types of security approaches to secure all kinds of companies’ infrastructures.
lack of awareness on cybersecurity & data breaches we are currently offering a special free of cost package for start-up companies up to 1 year. Currently, Swiftsafe offering end to end Cybersecurity, Cyber Forensics, Vulnerability Assessment, Penetration Testing, Compliance, Security Audits, OSINT, End Point Security,.
CISOfy is a software solution that helps its users secure their business information. It protects information in Linux and Unix operating systems, employing its auditing, hardening, and in-depth analysis features.
CISOfy was founded in 2013.. .
AccessData Group has pioneered computer forensics and litigation support for more than twenty years. Over that time, they have grown to provide a broad spectrum of stand-alone and enterprise-class solutions that enable digital investigations of any kind, including computer forensics, incident response, eDiscovery, legal review, IP theft, compliance auditing and information assurance.
More than 100,000 customers in law enforcement, government agencies, corporations, consultancies, and law firms around the world rely on AccessData software solutions, as well as their premier hosted review and digital investigations services. AccessData Group is also a leading provider of digital forensics training and certification, with their much sought after AccessData Certified Examiner program..
Acunetix is the market leader in automated web application security testing, and is the tool of choice for many Fortune 500 customers. Acunetix detects and reports on a wide array of web application vulnerabilities.
Acunetix also includes integrated vulnerability management features to extend the enterprise’s ability to comprehensively manage, prioritise and control vulnerability threats – ordered by business criticality. Acunetix is a privately held company with its offices in Malta and the UK.
It is a Microsoft Certified Partner. It also has a sister company 3CX, a developer of IP PBX software for Windows..
eSec Forte Technologies
eSec Forte® Technologies is a CMMi Level 3 certified Global Consulting and IT Services company with expert offerings in Information Security Services, Forensic Services, Malware Detection, Security Audit, Mobile Forensics, Vulnerability Management, Penetration Testing, Password Recovery, DDOS Assessment, PCI DSS QSA Compliance etc. We are certified by CERT-In for providing Information Security Auditing Services.
We are Authorized Technology Partners of Information Security Solutions Tufin (Firewall Management), Nessus, Tenable SecurityCenter, Core Impact, Atola Technology, Arcos (Privileged Access Management), Netsparker, Burpsuite, AccessData FTK, AD Enterprise , E-Discovery, Checkmarx (Application Security Testing), Cyber Deception and more. We are also Manufacturer for CrackBox (Our Proprietary Tool for Password Breaking/Cracking) and DDOS Assessment..
Alpine Security (“Alpine”) is a Service-Disabled Veteran-Owned Small Business providing full-spectrum cybersecurity services and training. Alpine’s goals are to help organizations reduce cybersecurity risk and empower cybersecurity professionals with the skills necessary to effectively assist their organizations.
Alpine’s cybersecurity services include penetration testing, incident response, risk assessments, virtual CISO, and auditing. Alpine’s highly certified and experienced team uses a proven and trusted methodology.
Alpine has experience assessing, testing, and working in complex and high-risk environments, such as offshore drilling platforms, commercial and military aircraft, medical devices (deployed and in-development), blockchain, ICS/SCADA, and embedded systems. Alpine’s medical device penetration division aims to improve patient safety while reducing medical device manufacturer and healthcare provider risk.
Alpine’s cybersecurity training focuses on cybersecurity certifications, such as Certified CISO, CISSP, CEH, Security+, and Advanced Penetration Testing. Alpine Security is headquartered in the Greater St.
Louis / Scott Air Force Base Area.. .
AccessOne – Gestão de Identidades e Acessos
StartUp specializes in Governance / Management / Intelligence of Identities and Access to corporate systems. We help midsize and large organizations automate their identity and access management processes in compliance with related policies and regulations.
Our system, AccessOne, is an integrated platform that helps our customers automate operational activities, reduce costs, increase productivity, improve access and equipment monitoring, maximize information security, and ensure compliance in audit processes. Main features of AccessOne: – Unique console for identity management and access to integrated systems; – Self-service for reset, account unblocking and access request; – Security reports on employees, credentials, access and equipment; – Automatic deactivation and / or removal of accesses (shutdowns, vacations, departures); – Automatic creation and revocation of accesses (hiring, promotion, transfer, etc.); – Security audit in the access to Servers, Desktops and Notebooks; – Automatic granting of access after approval flows; – Integration for auditing and provisioning of various market systems and possible customization..
Dash provides one simple deployment for creating HIPAA compliant environments on public cloud platforms, such as Amazon Web Services (AWS) and Google Cloud Platform (GCP). Our automated dev-ops process manages backup and disaster recovery, auditing and logging, and administrative policy implementation.
We make it easy for organizations to build applications without having to learn new APIs, technologies or deployment practices. Whether you are a digital health organization or a Software-as-a-Service (SaaS) company, we can help your team manage the HIPAA compliance process and set safer security standards, while leveraging the flexibility of the public cloud..
Algosec automates and orchestrates network security policy management and business applications while ensuring security compliances. Through its application-centric approach, AlgoSec automates and simplifies security policy management across virtual, cloud, and physical environments to accelerate application delivery.
It streamlines change management, optimizes firewall and network access configurations, mitigates risks, and ensures continuous compliance. The customers of the company are divided into sections such as financial services, telecom, utilities and energy, security service providers, technologies, healthcare and pharmaceuticals, retail and manufacturing, transportation, and entertainment.
It offers its users with security policy change management, security policy risk mitigation, firewall auditing and compliance, hybrid cloud security, data center and application migration, and firewall management. Algosec is a U.S.-based company that was founded in 2003..
At Fibre Technologies, they enable you to cope with the increasing demand for greater network bandwidth, which is stressing communications infrastructures. Established since 1990, they have been working with a range of companies in different industries to provide Fibre optic communication solutions.
Their Fibre optic communication products and services allow telecommunications carriers, ISPs, universities and IT infrastructure providers to alleviate congestion within existing networks, by providing innovative solutions to overcome capacity limitations. They provide a full range of products, services and solutions, including copper to copper, copper to Fibre, optical multiplexers, test and measurement solutions, networking IP and much more.
All of their services and solutions are backed by extensive logistical and technical service support, including training, auditing and installation for clients. They work closely with their customers to provide a professional advice and installation service at all stages and they offer more than just products and services.
Using in-house knowledge and understanding, they are able to help customers with any commercial or technical issues which may arise.. .
We Secure App
We Secure App is a cybersecurity company that offers security consulting, auditing, and testing services. It aims to help identify and cure the problems encountered by customers in the field of security testing.
We Secure App has received several awards including the Best Product Startup of 2019 in APAC & Japan by RSA Launchpad, Top 5 products of 2019 which was recognized by Nasscom Product Conclave, and the Top 50 most promising start-ups of the globe in 2018, by Startup Grind, Google for Entrepreneurs. It was founded in 2015 and is based in 2015..
Lostar Bilgi Güvenliği is a business consultancy firm that offers its services to the IT security, training, and auditing sectors. It helps companies secure their business assets and digital infrastructure by providing a wide range of customized consulting, auditing and training services.
The company’s core activities include assessing risks, designing security systems, developing and implementing strategies, and undertaking reviews. Lostar Bilgi Güvenliği combines the ability to identify the key issues and formulate strategies in complex and dynamic environments, with the know-how to provide practical support at the coalface.
This can include advice and assistance in selecting the appropriate solution, undertaking a tendering process, and getting the best from manned services. Lostar Bilgi Güvenliği was founded in 1998 and is based in Istanbul, Turkey..
DataSunrise is an innovative software company dedicated to delivering data security products. DataSunrise was founded by a talented team with strong background in enterprise security, data protection and database management systems.
DataSunrise’s flagship product is a data-centric high-performance security software for real-time sensitive and private data protection, auditing, discovery, compliance with privacy law, SOX, HIPAA, ISO27001, PCI, GDPR.. .
BCA Solutions – BCAS
BCA Solutions (BCAS) is a well-established team of regulatory and technical specialists, with involvement in the blockchain and crypto-asset industries spanning back to 2013. BCAS’ comprehensive service offering can largely be categorized into regulatory and licensing, blockchain development & implementation, and cybersecurity & auditing services.
In terms of regulatory and licensing services, BCAS is present and operating in Malta, Liechtenstein, and Singapore, and therefore well-equipped in providing assistance in such jurisdictions; moreover, BCAS is a licensed VFA Agent in Malta. The directors of BCAS, Jonathan Galea and Anton Dalli, boast of over twelve years’ worth of collective experience in the blockchain space, and offer a holistic suite of advisory services ranging from legal advice to fundamental knowledge vis-à-vis project structures..
Venustech is a provider of network security products, trusted security management platforms, specialized security services, and solutions. It has professional security product lines, which apply technologies in the field of firewall, UTM, intrusion detection, security auditing, terminal management, encryption, authentication and more.
Venustech already has a number of product models and are currently developing more. Its solutions integrate security products and services to meet clients’ demands and help them establish comprehensive security systems.
Venustech was founded in 1996.. .
NETSHIELD is a breach prevention company that offers intranet breach prevention appliances and advanced mobile and IoT security. Its mission is to be a trusted provider of cost-effective, proactive security solutions to enhance the organization’s cyber-risk mitigation strategies.
NETSHIELD delivers critical network access control to ensure only trusted assets access corporate networks. Additionally, zero-day malware and phishing attack real-time quarantine, mac-spoof detection, TLD blocking, comprehensive auditing, vulnerability assessments, and compliance reporting and enforcement make this a comprehensive and compelling offering.
NetSHIELD is available as a hardware appliance that scales from 25 to 10,000 protected assets per appliance. In addition, an embedded command center allows administrators to manage up to 1000 remote sites..
SAINT develops security software including integrated vulnerability assessment, penetration testing, configuration auditing, and compliance. SAINT uncovers areas of weakness in the network and recommends fixes.
With SAINT you can: Identify vulnerabilities on network devices, operating systems, desktop applications, Web applications, databases; Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders; Go beyond simply detecting vulnerabilities to safely exploiting them; Demonstrate compliance with current government and industry regulations such as PCI DSS, NERC, FISMA, SOX, GLBA, and HIPAA; Perform configuration audits with policies defined by FDCC, USGCB, and DISA.. .
Spherical Defence Labs is a cyber security company. They provide penetration testing and vulnerability assessment for startups looking to safeguard their digital infrastructure from cyberattacks.
It currently focusses on developing the next gen IDS using AI for banks to detect hackers trying to access and temper their systems. The company also offers auditing and consulting services.
Spherical Defence Labs was founded by Dishant Shah in 2015, and is headquartered in the United States.. .
Lumeta’s network situational awareness platform is the authoritative source for enterprise network infrastructure and cybersecurity analytics. Available for both real-time monitoring and point-in-time auditing, Lumeta recursively indexes a network to identify and map every IP connected device, as well as uncover network segmentation violations and cybersecurity anomalies.
The foundational intelligence provided by Lumeta gives IT management a clear, comprehensive assessment of network vulnerabilities, cyber threat risks and policy violations from network edge to core, allowing for decision making impacting security, compliance and availability. Lumeta’s solution addresses today’s security initiatives associated with continuous monitoring; SANS Top 20 Critical Security Controls; and virtualized infrastructure including private and public cloud visibility, outsourcing and offshoring, and software defined networks (SDN) – all of which increase the complexity of a network and challenge traditional security defenses.
Lumeta’s solution also delivers an efficient and cost-effective process to streamline network consolidation (M&A) projects. Lumeta optimizes other network and security product investments by feeding them accurate and fact-based network intelligence.
Headquartered in Somerset, New Jersey, Lumeta has operations and clients throughout the world. More information is available at www.lumeta.com.
IDsManager is a cloud identity service platform provided by Kyushu Yunteng. Based on the traditional account, authentication, authorization, and auditing 4A, they add our unique application store to form a 5A platform that can provide a unified portal for enterprise users and developers.
Rapid development and application integration can be based on this platform.. .
ImmuniWeb provides AI-enabled Application Security Testing and Attack Surface Management SaaS solutions for web, mobile and IoT security testing, digital asset inventory with actionable security ratings, and Dark Web monitoring tailored to reduce complexity and operational costs. ImmuniWeb, headquartered in Geneva, is a spin off from an award-winning MSSP provider High-Tech Bridge SA fully dedicated to ImmuniWeb® AI Platform.
ImmuniWeb also has a branch office in Austin, Texas.. .
Vyatta, Inc. provides network routing and security software and hardware appliances.
It offers an enterprise-class network routing, security, and traffic management software solution that enables network administrators to leverage the performance of Intel/AMD hardware, as well as run in VMWare, Xen, and Hyper-V virtual environments. The company also provides network hardware appliances that pre-integrate its software with x86-based hardware platforms to deliver optimized network performance.
In addition, it offers documentation and training, software updation and maintenance, technical support, implementation planning, network architecture and design, auditing, configuration, network migration planning, and interoperability testing services. The company serves its clients in service provider, government, and educational markets.
It offers its products through a network of distributors and resellers, as well as online in the Americas, Europe, the Middle East, Africa, and the Asia Pacific. Vyatta, Inc.
has strategic partnerships with IBM; Digium, Inc.; Neterion; VMware; AlterPoint; HYPERIC; and SANGOMA. The company was founded in 2005 and is based in Belmont, California..
CloudAccess, Inc. provides cloud computing security solutions to enterprises.
It offers SingleSource, a cloud based security platform that addresses security requirements for healthcare, financial, retail, and other sectors; CloudAccess Identity Management, an identity infrastructure-as-a-service solution that manages user accounts, enforces user access policy, and provides necessary auditing and reporting in private or public clouds; and CloudAccess SaaS SSO, a single sign on security platform that provides access control and audit virtually for SaaS applications and SaaS platforms in public and private clouds. The company also provides CloudAccess Web SSO, a solution for Web single sign on, identity federation, integrated Web and access control, remote user security, identity enabled access management, and simplified administration; CloudAccess SIEM technology, a security information and event management solution; and CloudAccess Log Management, a solution that works with CloudAccess SIEM to provide secure storage and the lifecycle management of event data.
In addition, it offers a range of support services, including specific environments design and architecture, administration, and training services. The company was founded in 2011 and is based in Los Angeles, California..
High Cloud Security
High Cloud Security, Inc. designs and develops virtualization and cloud security management solutions.
The company offers enterprise solutions focusing on virtual machine encryption and security, key and policy management, auditing and reporting, and automated restoration of virtual machines. Its clientele include Voodoo Security, Inter Orbis, and CipherPoint Software.
High Cloud Security, Inc. was founded in 2009 and is based in Mountain View, California..
SOE Software Inc
SOE Software develops and distributes election management and voting solutions to its clients. The company provides solutions for pre-election, planning, election configuration, personnel training, voter education, registration, management, support, remote voting, on-site voting, post- election, results consolidation, reporting, auditing, and governance.
In addition, it offers electoral consulting services to its clients. SOE Software was founded in 2002 by Mark Schneider and is based in Florida.
It was acquired by Scytl in 2012.. .
Founded on July 8th 2010, RedShift started specialized on Data Networking and Information Security Auditing, providing services to Portuguese Government agencies. On their second year, they expanded their capabilities with a new Consulting team dedicated to support our customers 24/7 and a second team specialized on Outsystems Framework development.
On April 2017 they have acquired a Information Management business unit with a team of specialists on IBM/FileNet and on ECM and BPM projects implementation. After the first year they started focusing our activities as Consultants and Integrators, helping our clients to choose the best of the breed technologies and solutions that best apply to their requirements and objectives.
Since day one, despite being in the midst of a very strong economic crisis, They kept growing over 100% per year, both in volume and Human Resources capacity.. .
HACERA is security framework that simplifies the access control management on blockchains. Its speciality and focus is highly secure Authentication, Authorization and Auditing/Accounting (AAA) services on blockchains.
Established in 2015, HACERA is headquartered in San Francisco, California.. .
AppSecure is a Cyber Security Resource founded by a White hat hacker and ex flipster Anand Prakash. We offer distinguishable penetration testing services alongside prominent vulnerability assessment,unprecedented, security consulting and auditing .
Encouraged by desire to offer eminent solutions, speedily and well planned, AppSecure was conceived and founded to recognize and rectify the weaknesses of the customers in the field of Security Testing. The professional penetration testing approach by a group of certified security researchers and domain experts at AppSecure is unique because of our intrinsic desire to see if your applications can be broken into past the normally-presented boundaries.
Our team provides all-inclusive reports that assist you in getting your vulnerabilities affixed. Our competitive pricing strategy ensures a healthy work environment for both businesses and the AppSecure team.
We conduct penetration tests that would help you determine the weaknesses in your applications, networks, infrastructure, mobile or web services and cloud security. A thorough vulnerability assessment is done through software testing and network security scanning.
Content Management Systems (CMS) like WordPress, Magento, Drupal, Vbulletin, and Joomla are extremely popular and make working with content a cakewalk. But keeping track of your CMS security isn’t just as simple.
With AppSecure, you can keep checking your site for the latest vulnerabilities, thus making sure your CMS is secure. As the block chain environment is highly volatile, consistent changes in the security scene are to be expected as new bugs keep coming up and new accepted procedures are standardized.
Gluetech’s dataprobe solution automates the tracking of data flows for a given business process in real-time for the purpose of auditing, compliance, cyber-risk, data quality, etc. The solution is non-disruptive to current process and data flows.
Dataprobe has been validated and proven in the market by large financial organizations. It leverages AI and blockchain..
Performance, Data security, privacy, regulation compliance, and growth product and services. Products: * PubPerf – Performance management solution for digital publishers * UniConsent – Universal personal data privacy consent management platform for GDPR CCPA regulation compliance * PubPayment – Payment, membership, subscription and monetisation solutions for online publishers * PubSurge – First party data platform for publishers * Transfon Gateway – Modern website/API/infrastructure data security, performance monitoring and optimization, integration solution powered by data intelligence.
Services: * Managed Cloud and server services * Web application performance optimization * Cloud and Infrastructure management and migration * Cost auditing and optimisation * Retailers and e-commerce solution. .
Visual Click Software
Visual Click Software is a leading provider of customizable interactive computer network security access management and real-time auditing technology. Based in Austin Texas, Visual Click helps organizations of all sizes reduce the costs and complexity of managing their internal security.
Visual Click’s tools, including its flagship products DSRAZOR and CPTRAX, are developed specifically to help executives better meet compliance standards through internal audits of security permission definitions and implementations with real-time monitoring and alerting of changes. Co-founders John T.
McCann and Steve Garms incorporated Visual Click in 1999, and together patented a visual design technology that enables point-and-click customization of security access management and reporting applications as well as optional role-based delegation.. .
Nakina Systems provides Network Integrity Management solutions to the telecommunications industry worldwide. Our solutions enable service providers to introduce new services and grow networks more rapidly and with fewer outages by automating the discovery of network equipment, reconciling with inventory systems, auditing software in the network, and centralizing management of network security.
Nakina’s solutions power integrity in the world’s largest networks, and they are provided in partnership with the world’s largest and most advanced equipment manufacturers.. .
Definitive Data Security, Inc. (DefiniSec)
DefiniSec provides highly effective data protection from today’s most advanced threats with software that’s easy to use and administer. Our technologies are based on a collection of established techniques refined by security practitioners with over a century of collective experience.
Together with innovations in key areas, we are able to greatly inhibit nation-state sponsored espionage and international organized crime syndicates that use attack techniques other security solutions do not and often times cannot address. Our products provide data encryption, access control, backup/recovery, secure collaboration, and disaster recovery – all without significant impact to the way you normally work with information.
We provide one-touch data restoration and also deterministic, host-based data access auditing that is critical when managing Incident Response details inside corporate networks.. .
One Bainbridge & Co. Private Investigators
Mr. Ornston is a licensed private investigator and attorney in the State of New York, and he brings over 15 years of investigative, legal, and project management experience to the company.
Mr. Ornston specializes in performing background and due diligence investigations, conducting surveillance operations, identifying and tracing domestic and off-shore assets, conducting risk assessments and investigations in connection with the Foreign Corrupt Practices Act (FCPA), investigating corporate fraud, and managing forensic audits.
Prior to forming One Bainbridge, Mr. Ornston was Managing Director of GW Consulting USA (Garda), a publicly-traded international consulting and investigations firm.
During his tenure at Garda, Mr. Ornston was responsible for the management of all services offered by the firm’s New York City office, including the design and management of domestic and international investigations and the management of surveillance and undercover operations.
Prior to joining Garda, Mr. Ornston was a Managing Director with Thacher Associates, LLC, a corporate intelligence, investigations and integrity monitoring firm based in New York City.
Prior to joining Thacher, Mr. Ornston was a consultant with Investigative Management Group, an international investigations firm based in New York City.
Pangia Technologies LLC
Pangia is a software engineering company that provides technical solutions in the areas of computer network operations, information assurance, mission systems, software and systems engineering, and IT infrastructure support. Founded in 1999, Pangia has 110 employees and is headquartered in Fulton, Maryland.
Pangia’s work has high technical content and includes application development, systems vulnerability auditing and threat analysis, intrusion detection engineering, system security architecture design and development, broadly based software development, and design, development, and support for key systems through their lifecycle. Pangia has contract vehicles with key members of the Intelligence Community, the Department of Homeland Security, the United States Air Force, and the United States Navy..
Stratus Digital Systems
Stratus Digital Systems (“Stratus”) is an early stage cybersecurity company that has transformed the way sensitive and critical data are communicated. We deploy temporary, autonomous servers (TAS), on-demand, and at random IP addresses, which are destroyed after use, thereby reducing the risk present in static servers.
Permanent server resources are subject to continuous risk as a broad attack surface. The Solution transitions an organization, in the course of a week or weeks, from managing static server resources to commanding server resources on-demand.
Deploying limited-purpose temporary servers with only instance-relevant software modules reduces dramatically the attack surface as well as the window of opportunity by exposing resources only as long as necessary (e.g., per instance, per login). Following deployment (e.g., per instance, per login) the temporary server is destroyed.
These organizational changes ensure computing resources are now ephemeral, responsive and on-demand. Using on-demand servers with fresh software sourced from a golden image, and auditing utilities within the existing cybersecurity environment ensures that authorized activity is controlled and carefully circumscribed.
This on-demand environment enhances speed and surety of forensic investigations, and helps ensure compliance with regulatory and security protocols. Access to the server is reduced to only the parties authorized and authenticated to the instance.
In other words, there is no server administrator, super-user access or any other logical access control vulnerabilities, which are all necessary evils to manage and optimize static servers (e.g., repeated patches to stale software).. .
Jacobian Engineering is a cybersecurity and software development firm capable of building highly scalable, secure, compliant, maintainable and reliable services. We have a deep bench of highly trained staff capable of playing the role of solutions architect, IT operations and operational management and/or auditing and compliance reviews.
Security and Compliance • CISSP, CAP and PCI trained staff experienced building both secure software and secure infrastructure to meet HIPAA/HITECH, ITAR, PCI, ISO27k and other compliance frameworks. • Maintaining complete independence and impartiality, we conduct NIST / RMF security audits, ASV scanning, penetration testing and help customers maintain compliance and security standards.
• Conduct SSAE16 compliance audits (formerly known as SAS70). • Assist companies in establishing compliance and security programs to meet FISMA reporting requirements.
Operations • Jacobian maintains a 24/7/365 network operations team trained and ready to take on all or partial operations for customers. • Build, deploy and maintain robust monitoring networks and technologies for use by our NOC or by customers directly to alert, trend and monitor operations.
• Provide Level 1/2/3 IT remote and on-site support for customers based upon business needs, SLA and program requirements. Software Development During diligence and program review, we pick the right technology for the job based on security/compliance, operational requirements, maintenance/training and customer preferences.
Technologies in our solutions used by customers today include: • Embedded systems, control system drivers, video and communications – C++ • High transaction RESTful services – Python, Node.JS • Web applications, e-commerce sites and scripts – PHP / Ruby / Rails • DevOps automation on thousands of nodes – Chef / Puppet / FinalBuilder • NoSQL – Mongo, Redis • SQL – MySQL, MS SQL Server • Many other technologies – RabbitMQ, Ansible, Capistrano, etc.. .
AKS IT Services
AKS IT is a provider of wide range of IT Security Services including Web Application Security Auditing, Network Security Auditing, Information Risk Management, Cyber Forensics, Mobile Forensics & Cyber Crime Investigation, Information Security Training, Computer Security Incident Response Team (Design, Setup and Training) and Security Operations Centre (Design & Implementation). The Company has been empanelled by CERT-In (Computer Emergency Response Team India, Government of India) as an Information Security Auditing Organization (http://www.certin.org.in/security-auditors.htm) and Controller of Certifying Authorities (CCA).
AKS IT Services currently operates from Noida, India and its global relationship base consists of approximately 110 clients, including Government & PSU organizations, in such high propensity to and potential of servicing sectors as manufacturing, banking, telecom, pharmaceuticals. Their esteemed client list includes Government of India, Indian Army, Indian Air Force, CBSE, Airtel, ALSTOM, NTPC, NIC, Railways, Delhi Police, Ericsson,TCS,NIIT, SRF, C1India and The Grand Hotel..
Sapience is an intelligent way to secure your data gateway. Sapience are an international team with offices in Europe and the US.
We help our customers protect their data from external threats by using state of the art API technologies.. .
JIT Solutions is not yet another digital agency rather than an unique hybrid firm – a team composed of specialists in online marketing, cybersecurity and devops. By creating a fusion of the skill-sets which usually are not combined we are able to offer one of a kind tailored business intelligence, online marketing and cyber security services.
Along with that we are developing a couple of in-house tools and SaaS projects for security auditing and digital marketing automation.. .
The Mako Group
The Mako Group, a cyber risk management firm, has been knocking the socks off our customers since 2009. The Mako Group specializes in auditing, risk assessments, SOX auditing or testing and penetration testing for mid to large-sized businesses in the fields of Manufacturing, Healthcare, Education, Financial, Legal and more.
Everything we do is designed to achieve the highest level of cybersecurity and audit standards, beyond examiner and regulatory minimums.. .
Cryptodus is a team of experts in crypto space with a solid track record in blockchain, smart contracts consulting, development and auditing areas, and token sale advisory. Cryptodus carries and enhances valuable experience, skills, and competencies since the early days of the blockchain technology appearance.
We believe in a digital future and we are fully committed to what we are doing.. .
Randtronics develops data privacy solutions to protect against malicious intent from external hackers, internal employees and outsource contractors. Founded in 2002 Randtronics delivers solutions to clients worldwide.
Randtronics’ core technology known as Data Privacy Manager (DPM) protects structured and unstructured data using encryption, key management, masking, tokenization and anonymization with multi-factor authentication, access control and auditing. DPM’s offerings are some of the easiest to install and use the safest methods of security available.
Without measures like encryption, companies are only partly securing their data and exposing themselves to growing vulnerabilities like data breaches that cost companies millions of dollars every year. Randtronics was founded with the mission to empower businesses to be proactive in protecting their most precious assets to secure their future.
With the introduction of DPM this mission is being delivered on stronger than ever before.. .
SolutionArts makes getting service and support for your tech-filled life, simple, secure & sane. WETWARE: I provide workflow training to help you become even more productive behind the keyboard, as well as translating technobabble and performing service provider invoice auditing & technology concierge services.
HARDWARE: Evaluation, assessment, repairs and upgrades including wireless networks, hybrid backup setup, data recovery, migrations between platforms and devices, rental hardware & end of life data destruction for older devices. Forensic data discovery and recovery.
SOFTWARE: Application needs evaluation, assessment, upgrades & recommendations, entertainment appliance setup and configuration, data and file migration, cloud computing recommendation & setup.. .
idappcom provides unique industry approved software solutions for auditing and enhancing the threat recognition and response capabilities of your corporate security defences. idappcom was formed in Guernsey 2004.
In 2009 they moved operations to the UK. Since then they have supplied software and hardware that enhances network security, reducing risk and lowering cost of ownership of devices.
Their products are constantly evolving in response to the needs of their customers. They have traditionally supplied security vendors and test labs and now supply new versions of their products specifically developed for the end user.
Years of expertise and development knowledge are now available to the global market to assist their customers achieving the highest levels of network threat protection.. .
JakinCode is an information and communications technology engineering that develops, designs, and implements cyber security solutions specializing in business intelligence. Its business intelligence solutions for asset management and information security allow them to analyze relevant indicators of the organization and anticipate potential incidents before they occur.
The company offers information security services like network auditing, forensic analysis, web application auditing, and vulnerability diagnostics on IoT devices. JakinCode was founded in 2014 and is headquartered in Vitoria-gasteiz, Pais Vasco, Spain..
Chalet Tech assigns a risk score to every piece of sensitive data within an organization. The key technology is its Adaptive Data Behavioral Model™ (also called DataDNA™) which provides risk assessments by analyzing database transactions in real-time.
Our highly scalable solution consists of Host and Network Agents that deliver in-depth activity monitoring of databases. The enterprise level platform uses behavioral analytics, and data-centric auditing and protection capabilities to mitigate risk..
CyberSRC® Consultancy is an award winning firm, positioned to provide cyber security, data protection and assurance services with integrated security solutions aligned to customer’s security and business objectives. CyberSRC offers services in the domains IT Governance, Cyber Security Risk Management, Digital Risk Management, Solutions for External Threat Intelligence & Phishing Simulation, Information Privacy, Information Security ( ISO 27001, NIST framework), Control Life-cycle Management, Vendor Security Risk Management, Compliance Management (SOX, HIPPA, GDPR, CCPA, SOC1/2, Cyber Laws etc), IT and Security Audits, and Managed Security Solutions.
ThreaTrap protects Enterprises even BEFORE an attack occurs. Security level Auditing, Cyber Threats elimination through client – centric solutions and Continuous personnel training create a Cyber Shield for the Companies.
ThreaTrap’s critical corporations are under attack. But they need to protect their sensitive information from the adversaries.This is why they have to adopt a strategy as thorough and relentless as the adversary’s pursuit of it.
They utilize years of training and field experience to proactively defend Enterprises. Threatrap delivers cutting-edge technology that identifies even the most advanced Cyber Attacks targeting organization’s valuable data.
Clients gain instant live view of the Enterprise’s security level alongside with suggested mitigation actions.. .
NTA Monitor is a network security and assurance services provider. Established in 1996, NTA is a founding member of CHECK and has a strong portfolio of accreditations including CREST, CHECK, PCI ASV and Cyber Essentials.
It is a trusted information security partner supporting private and public sector organisations that are working towards certification and cyber security compliance. NTA specialises in the provision of penetration testing, compliance certifications, training and auditing solutions, helping organisations to minimise cyber security risks across their supply chains..
**Oquma** is a Consulting Professional Network and a Quality Management System in combination to success in SME/SMB Standards Compliance Management. **Oquma’s Professional Network** is a continually growing as a source to provide answers and consultancy help in the following areas: * ISO 9001 Quality Management Systems Standard * ISO 14001 Environmental Related Standards / EMAS * ISO 17025 Calibration, Measurement Gages and Test Laboratories * ISO 13485 and ISO 14969 – Medical Devices – Quality Management Systems * ISO 19011 Quality and Environmental Management Systems Auditing * ISO/TS 16949 International Automotive Quality Systems Standard **Oquma Documents** is a cloud management system for companies looking a software as a service solution.
The system provides document management, integrated with a Wiki methodology.. .
This article was written by Benjamin Skute from Threat.Technology. The editor for this article was Tess Page. If your company is featured in this article and you want to have amendments made please contact us on: [email protected].
Alternatively you may write to us at: Threat.Technology/Fupping Ltd, First Floor, 61-63 Rochester Pl, London NW1 9JU.