Services

Regarding what I can do for your organization, I can and will list some of the services that I am able to provide. However, it is unlikely that there is a cookie-cutter solution for your organization. Security isn't a product you can buy off the shelf, nor is it something you can pay for a guy to come in and give you. Chances are, you'll need a little of one service, a lot of another, and a good helping of training and overall advice to support it.

Part of what I can provide your organization is a personal touch. I am happy to talk with you, frankly and confidentially, about how you feel your security preparation, implementation, and response should change. From this we can determine what needs to be done. Most importantly, I can help develop the documentation needed to make things clear to users across your organization.

A list to get you thinking about what I can help you with:

  • Incident Response - This is first on the list, because if you've already been attacked, you need to stop reading right now and contact me! As a preparatory measure, I can help you prepare to respond to an incident and even act as a member of your incident response team when a situation arises.
  • Forensic Analysis - Determining what happened, after the fact, or any other sort analysis of digital evidence (Computers, media, network traffic) you might need.
  • Penetration Testing - The learning experience of being attacked, without the serious consequences. Learn how an attacker "sees" your network, from the outside and in, and how a carefully planned and targeted attack on your organization might proceed. Learn where your defenses are working, where they're not, and how your users and systems administrators detect and respond to incidents.
  • Risk Assessment/Analysis - Determine what the "keys to your kingdom" might be, the cost of that data getting into the wrong hands, and what protections you might need to keep that from happening.
  • Vulnerability Assessment - A thorough scan and report of what vulnerabilities your network and host might be affected by.
  • Code Audit/Vulnerability Discovery - A detailed look at a software product to determine how it might be exploited by attackers. A must for any software you wish to deploy internally, to your website, or as a product for the public.
  • Training - Educate your users about the risks, and educate your sysadmins, coders, about what they can do to improve the security of your organization.

...and more. Many of these services are complementary or overlap in some way. I can help you determine exactly what is that you need.

Training

Recently I had the pleasure of teaching the SANS Stay Sharp IP Packet Analysis course at Mississippi State University, in association with the university's Center for Computer Security Research. It was an excellent experience and the students seemed to enjoy it and leave the class with some useful skills.

Similar training sessions and materials can be arranged for your organization, with either SANS training, or with materials that I develop specific to the needs of the attendees. I can help bring your employees up to speed on many aspects of information security, and help you learn how to help yourself.