Professional services

​CATSCAN® is our adversary emulation service that delivers a multi dimensional comprehensive assessment every-time.

• Application

Penetration testing and code review to identify security vulnerabilities in web, mobile, terminal, mainframe, and middleware systems - more information

• Network

Penetration testing of internal, external, wireless an operational devices - more information

• Hardware

Verify the security between the digital realms of systems that directly interact with devices such as sensors, valves, pumps, motors, and more through human-machine interface (HMI) software programmable logic controllers (PLCs) or remote terminal units (RTUs) - more information

• Human

Performing simulations of phishing campaigns, social engineering, ransomware, and physical security violations to determine risk - more information

---

PLATFORM AS A SERIVCE

​PENTESTON® is ​our cloud based,​ easy to use ​workbench that is used to conduct cyber security assessments​​. ​​​Raised in the New York University Veterans FutureLab, the product is today used by individual​ bug hunters​, businesses​ seeking to improve their own cyber hygiene​, and professional services providers.  ​Integrated with over (50) ​​​tools including SecurityScorecard​ and based on the CATSCAN® ​assessment methodology​. - more information

---

• Engage single system or multiple targets to determine if identified technical risk presents a business risk.
• For large projects collaborate with different team members, import and enter manual findings to a centralized QA resource.

​  ​​

---

OUR MANIFESTO

• ​We recognize that open-source and commercial software has become a foundation of our modern world. We know the awesome responsibility providing services to our clients
• We recognize that our work will be used in ways we cannot anticipate, in ways they were not designed, and for longer than ever intended.
• We recognize that our work will be attacked by talented and persistent adversaries who threaten our clients physical, economic and national security
• We recognize these things, and we choose to be in this business helping our customers every day.​
• We will be secure because our people refuse to be a source of vulnerability or weakness. We will be secure, not because it is easy, but because it is necessary and we are up for the challenge.

CORE INFOSEC VALUES

​People - Everyone has a role to play in information security. Security is implemented and practiced by people. People design and implement processes and technology, as well as follow processes and use technology to enable business.

• Process - Includes formal and informal mechanisms (large and small, simple and complex) to get things. Processes identify, measure, manage, and control risks to confidentiality, integrity, availability, privacy, and safety, and they also ensure accountability.​​
• Technology - ​Is composed of all of the tools, applications and infrastructure that make processes more efficient. Technology implemented by people following processes allows for the organization to meet its information security objectives.

• Confidentiality – Sensitive information is not disclosed to unauthorized individuals, entities, or processes.
• Integrity - Sensitive information has not been modified or deleted in an unauthorized and undetected manner.
• Availability - Information or an information system being accessible and usable upon demand by an authorized entity.
• Privacy - Freedom from unauthorized intrusion or disclosure of information about an individual.
• Safety - The condition of being protected from harm or other non-desirable outcomes.