Prevention, detection, and containment
InGuardians Protective Services Team delivers expert guidance to your IT employees, stakeholders and management in order to better defend their assets against targeted threats.
All of our Protective Services begin with building a threat profile of the client. In this process, our entire team identifies the threats and actors that pose the most risk to your organization. We can then use the threat model to determine the most effective security controls to deter the attacks, in addition to implementing audit measures to determine when breaches occur.
The services below are a subset of what InGuardians can do for your organization.
Security Architecture Review
InGuardians’ Security Architecture Reviews are broad-ranging and provide an in-depth analysis of your information security controls and audit measures. Our guidance, presentation, and report will help your team understand the current strengths and weaknesses of your security architecture, and provide a roadmap to construct stronger defenses and become more resilient to attack.
InGuardians assesses existing policies & configurations, interviews key stakeholders, and measures control and audit functions to identify gaps, deficiencies, and build a plan to remediate them.
Purple Team Training
The heart of an InGuardians’ Purple Team is the collaboration between your team and our Operators. Each training is customized and tailored specifically to the needs of your team and overall business requirements, making each Purple Team Training unique. We cover every aspect of the attack chain, from the edge of your network through domain compromise and beyond.
Security Program Assessment
The threat landscape facing organizations today requires a defensible architecture complete with preventative controls and detailed monitoring capabilities. InGuardians Security Program Reviews helps your team defend your enclave, deter threats, and dominate your domain.
These reviews provide detailed analysis of your current security program and provides your organization with a roadmap to achieving your security goals.
System Hardening Assessment
Proactive security measures disrupt or contain a bad actor’s attack. InGuardians’ operating system hardening and assessment service uses configuration steps and open source tools to block the initial compromise or contain its thread. Determine your gaps from standards and leapfrog into best practice. This starts at the operating system and application-level configuration settings, moves on to custom SELinux or AppArmor profiles and continues with local system instrumentation. Past customers of this service have run the gamut from DevOps to security appliance vendors to universities.
Request InGuardians hardening services on production systems or on systems you have in development.
Risk Mitigation Assessment
Our team will also recommend industry best approaches to address any outstanding vulnerabilities with an action plan that considers not only the technology but, more importantly, the business objectives of your organization.
For over eighteen years, InGuardians trainers have set the standard for excellence in the information security industry. We have helped author and deliver some of the most popular courses at The SANS Institute, Black Hat, Cansec, Interop, RSA, IDA, Distributech, and on site for private customers. Contact us to get started on creating a customized training experience for your team.
Our team has developed several security assessment tools, including two of the most popular within industry and government: the original CIS Linux/UNIX scoring tool and Bastille Linux. InGuardians’ Protective Services Team will perform a hardening assessment and recommend industry best approaches to address discovered vulnerabilities with an accompanying action plan that considers not only the technology but, more importantly, the business objectives of each client.
Policy Development and Review
In this review, InGuardians intrusion detection and incident handling experts will analyze the traffic flow, analysis methodology, and policies of your organization in order to make appropriate recommendations on how to better manage your systems and improve intrusion detection and incident handling practices.
InGuardians HuntTeam operators use both defensive and offensive teams to identify compromised systems, malicious code, and other indicators of compromise.
It is no longer a question of if, but when you will be breached. Most organizations are ill-equipped to handle their own breach investigations. During the past eighteen years, InGuardians has helped over one hundred Fortune 1000 companies recover from serious compromises. The process of containing the breach and eradicating the attackers is often a daunting one. InGuardians Incident Response Team has the experience to help your organization make a full recovery.
Incident Response Plan Review & Development
The experience level of our team allows us to engage in comparative evaluations of various security products. Some of these evaluations have been published in various information security magazines. Even when our tailored approach to a client project uses a commercially available tool, we analyze and evaluate the results from that tool to provide the client with realistic, prioritized solutions. InGuardians never uses an out-of-the-box report for the services provided.
Incident Response Training
Our Incident Response team will review your current Incident Response plan, and devise customized IR Team exercise(s) / scenarios based on your organization’s needs. Policy, procedure, and technical issues will be explored in-depth by the scenario.
InGuardians will create a document that describes any deficiencies discovered in the incident handling procedures during the training, as well as concerns identified while the scenarios were conducted, as part of the deliverable and will include specific, real-world recommendations based on our experiences with best-of-breed incident handling teams.
Press and Speaking
InGuardians subject matter experts are available for press and public speaking opportunities. We write, we teach, we do.