GRC SaaS Platform for Risk Management
ABOUT: This tool helps manage an organization’s cybersecurity risk. The platform enables communication of program progress and budget requirements with executive management so that they can make better cybersecurity risk decisions.

EMAIL SECURITY
ABOUT: This is a technology that inspect incoming and outgoing email from your email provider to identify spam, malware and URL based threats, and phishing campaigns from reaching users and preventing further damage even if the user has received malicious emails.

ENDPOINT PROTECTION
ABOUT: Agent-based solutions that provide combined malware protection and endpoint response and detection capabilities to prevent the infection and lateral spread of malicious activity as well as incident response capabilities such as endpoint isolation and remote investigation capabilities.

FILE AND DATABASE ENCRYPTION
ABOUT: These solutions allow for more granular/targeted encryption of structure and unstructured data such as a specific document, folder, or database tables and fields. This is beyond the capabilities of whole disk encryption solutions and allows for advanced access control to the encrypted data.

FILE INTEGRITY MONITORING (FIM)
ABOUT: A FIM solution watches for changes to sensitive or business critical files or code base and provides alerts on change activity to be investigated. This is a requirement for PCI DSS.

MULTIFACTOR AUTHENTICATION AND ACCESS (MFA)
ABOUT: The purpose is to enhance security of authentication across multiple applications by requiring additional factors from the user for successful authentication.

NETWORK MICRO-SEGMENTATION AND ASSET DISCOVERY
ABOUT: These solutions proactively identify assets on your network and allow for the granular implementation of segmentation via software agents. This eliminates the need to upgrade firewall hardware and software and allows for simpler network segmentation that will not require the re IP of deployed systems and devices.

NEXT GENERATION FIREWALLS
ABOUT: Next gen firewalls enhance border security by allowing for more granular control of traffic between networking segments. This is accomplished by identifying which applications and users are accessing resources through the firewall and allowing for granular policy to be applied based on applications and users vs. the traditional port and protocol of legacy firewalls. Next gen firewalls also include Intrusion Detection and Prevention, URL Filtering, advanced malware sandboxing and behavior analytics, as well as packet capturing.

PRIVILEGED ACCOUNT MANAGEMENT(PAM)
ABOUT: A PAM solution manages identified privilege account passwords by rotating passwords, forcing check-in and check outs of credentials, and auditing access using administrative accounts. Additionally, they may provide remote access capabilities similar to remote desktop and session recording which can be especially useful for monitoring access from contractors or third parties.

SECURE DEVOPS TRAINING
ABOUT: Training for developers should always include how to securely code applications that are resilient to the common attack techniques hackers utilize.

SENSITIVE DATA RECOVERY AND MANAGEMENT
ABOUT: These solutions help identify the locations of sensitive data within on premise and cloud-based systems and databases and track movement of the data by tagging and alerting on data security policy violations. Additional capabilities allow for the remediation of the violations through several mechanisms including encryption, redaction, and quarantine.

SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM)
ABOUT: These solutions collect system and appliance logs from multiple sources for central query capabilities and storage. Advanced security analytics are applied to the collected logs to identify the presence of unwanted behaviors or threats on the systems or network.

SINGLE SIGN-ON AND FEDERATION
ABOUT: These solutions provide single sign on capabilities between unrelated applications and systems via an authentication proxy. This is typically achieved by a central authentication gateway which then provides access tokens to allowed applications.

THIRD PARTY RISK MANAGEMENT
ABOUT: The purpose of the solution is to provide an external view of the threat and security posture of a company. Typically, these types of tools are used as a part of a 3rd party vendor management program but are also utilized for self-assessments. The posture of the target to be managed and scored is tracked over time and the specific reductions and improvements in the target posture are tracked and detailed.

EXTERNAL ASSET DISCOVERY
ABOUT: This solution can also be utilized to discover internet exposed assets that may not be known or managed by a company.

VIRTUAL MACHINES
ABOUT: Widely utilized virtualization software to quickly deploy and scale secure systems and applications for on premise and cloud environments.

VULNERABILITY SCANNING AND MANAGEMENT
ABOUT: The purpose is to scan external and internal assets for the presence of known vulnerabilities. This is essential for any vulnerability management and patching program to identify and track vulnerabilities and which system are patched in between scans. Also includes the ability to perform automated web application scanning.

WEB APPLICATION FIREWALLS
ABOUT: A WAF is a purpose-built solution that protects against web based attacks such as SQL Injection, cross-site scripting, illegal resource access requests, and backdoors that hackers typically utilize to breach systems, introduce malware, and exfiltrate data. Additionally, WAFs may provide DDOS protection, load balancing, and content distribution management capabilities (CDM).

DARK AND DEEP WEB THREAT MONITORING
ABOUT: External Risk Protection from Threats Targeting Your People, Brand, and Assets. Continuously monitor thousands of data sources across the public, deep and dark web to gain the insights you need to detect and act on emerging cyber-physical threats before damage occurs.