Security Services Portfolio
Transcription
Security Services Portfolio
Security Services Portfolio [email protected] Our Company Laconicly is a leading, independent provider of expert training and professional security services. We bring extensive, internationally recognized expertise and experience to every client engagement. Laconicly has hands-on experience with assessments of the most critical high integrity systems, some of which involved the security of nations. Laconicly is proud to have security consultants with the highest credentials including industry award winners, published authors, and speakers at the most prestigious security conferences including: Black Hat Briefings, RSA, DEFCON, Blue Hat, NATO CCDCOE, and many others. Laconicly is also proud to offer security consultants with active Department of Defense security clearances for those highly sensitive systems that should only be evaluated by those who have been deemed especially trustworthy. [email protected] Laconicly Security Services 510(k) Cyber Security If your organization is looking to produce and sell a medical device within the United States, you must first submit for FDA 510(k) clearance. The FDA 510(k) pre-market submission can be a daunting process, especially for those who are unfamiliar with the new cyber security guidelines. The specialists at Laconicly have experience navigating through the new 510(k) cyber security guidelines and have helped several device manufacturers complete the cyber security portions of the 510(k) clearance. From scoping, threat assessment, testing, and documentation, Laconicly has the experience and expertise to help even the most complicated devices through cyber security portions of the FDA 510(k). Product Cyber Security Review Planning a new product release? The product cyber security review we offer provides you with a thorough security analysis of your product. This review can be conducted before or after your product has hit the market. Our expert and highly skilled specialists will examine and assess all the key components of your product and supporting infrastructure. Attention is also focused on how your application components are deployed and communicate with both the user and server environments. Throughout our testing we apply a rigorous methodology and utilize a mix of deep manual analysis and broad automated testing tools to test for exploitable vulnerabilities. Through this methodology, we are able to provide you with a detailed report and recommend the best methods to secure the product based on your unique business requirements and security best practices. Product reviews can be performed in multiple ways including: Black-box Assessment: In this type of assessment, Laconicly only requires access to the product to be tested. No inside knowledge (source code, knowledge of internal debugging mechanisms, support/technician routines) is needed before the engagement can begin. Laconicly will locate and document vulnerabilities as well as specific recommendations for remediation in the specified product. For those organizations under strict assessment timelines, this is the fastest approach to understanding device security exposures. Code review Assessment: In this type of assessment, Laconicly will leverage the actual source code of the product to perform the assessment. The advantage of this approach is that actual lines-of-code that are responsible for causing the security vulnerability are identified, allowing developers and architects to quickly remediate the issues. The availability of the application source code will allow Laconicly to identify vulnerabilities that may not be able to be located with a Black-box assessment. Security Services 645 W 9th Street Suite 216 Los Angeles, CA 90015 [email protected] Training Offerings Laconicly training curriculum focuses exclusively on cutting edge security best practices , and our dedication means our courses and instructors are informative, enjoyable, and compelling. Our courses use a virtualized training environment in order to give students the opportunity to learn by doing. All classes include detailed labs which will guide students through the concepts that are covered in the class. In addition to the extensive course workbook, students receive the instructional environment, supporting documents, and tools. Students will be able to immediately apply the concepts and skills they have learned. We have tailored our courses specifically for engineers, developers, testers/QA, project managers, and incident responders. Our offerings include in-depth courses on secure development practices, designing resilient systems, analyzing vulnerabilities, and implementing sound QA practices, among others. From individual course offerings to worldwide training programs, Laconicly can meet your organization’s security training needs. All Laconicly training offerings can be customized in order to meet customer requirements. Popular Training Offerings Secure Development Lifecycle The Security Development Lifecycle (SDL) is a software development security assurance process consisting of security practices grouped by seven phases: training, requirements, design, implementation, verification, release, and response. Whether your organization is new to the SDL process or a review is required in order to improve existing processes, Laconicly’s extensive background in the SDL process assures that we can provide expert guidance on implementing a SDL in your organization. For those organizations looking to build a robust SDL, this course is an excellent foundation. Building a Robust Security Capability As organizations grow and mature, the desire for an organic, in-house security capability becomes a requirement. Building a robust, sophisticated security team, along with the process and procedures for running an efficient security team can be an arduous task. The professionals at Laconicly Security have extensive experience in building security teams and developing sophisticated security capabilities. We’ve helped build sophisticated teams for the DoD and Fortune 500. The professionals at Laconicly will help your organization understand your current capabilities, help define needed capabilities, develop the methodologies needed for robust security capabilities, and can even assist in the team member selection process. We’ll lay the foundation for a successful security team and augment the team as needed. [email protected] About Laconicly Security Services Our Culture Passion for security, unwavering integrity, and a commitment to excellence are the founding principles of our culture. Every member of our hand-picked team is committed and passionate about their work. We believe this is the only way to consistently provide excellent customer service and cutting edge security research. Our unwavering integrity and our commitment to excellence shows in every client interaction and every deliverable we produce. At Laconicly Security, we also understand that we have a moral obligation to help improve the general state of security in the industry. Our efforts have been publicly recognized by industry leaders, the Department of Homeland Security, and the Industrial Control Systems – Cyber Emergency Response Team (ICS-CERT) on numerous occasions. Security Services 645 W 9th Street Suite 216 Los Angeles, CA 90015 [email protected] www.laconicly.com