Security Services Portfolio

Transcription

Security Services Portfolio
Security Services Portfolio
[email protected]
Our Company
Laconicly is a leading, independent provider of expert training and professional security services. We bring extensive, internationally recognized expertise and experience
to every client engagement. Laconicly has hands-on experience with assessments of
the most critical high integrity systems, some of which involved the security of nations. Laconicly is proud to have security consultants with the highest credentials including industry award winners, published authors, and speakers at the most prestigious security conferences including: Black Hat Briefings, RSA, DEFCON, Blue Hat, NATO
CCDCOE, and many others. Laconicly is also proud to offer security consultants with
active Department of Defense security clearances for those highly sensitive systems
that should only be evaluated by those who have been deemed especially trustworthy.
[email protected]
Laconicly Security Services
510(k) Cyber Security
If your organization is looking to produce and sell a medical device within the United States, you
must first submit for FDA 510(k) clearance. The FDA 510(k) pre-market submission can be a daunting
process, especially for those who are unfamiliar with the new cyber security guidelines. The specialists at Laconicly have experience navigating through the new 510(k) cyber security guidelines and
have helped several device manufacturers complete the cyber security portions of the 510(k) clearance. From scoping, threat assessment, testing, and documentation, Laconicly has the experience
and expertise to help even the most complicated devices through cyber security portions of the FDA
510(k).
Product Cyber Security Review
Planning a new product release? The product cyber security review we offer provides you with a
thorough security analysis of your product. This review can be conducted before or after your product has hit the market. Our expert and highly skilled specialists will examine and assess all the key
components of your product and supporting infrastructure. Attention is also focused on how your
application components are deployed and communicate with both the user and server environments. Throughout our testing we apply a rigorous methodology and utilize a mix of deep manual
analysis and broad automated testing tools to test for exploitable vulnerabilities. Through this methodology, we are able to provide you with a detailed report and recommend the best methods to secure the product based on your unique business requirements and security best practices. Product
reviews can be performed in multiple ways including:

Black-box Assessment: In this type of assessment, Laconicly only requires access to the product
to be tested. No inside knowledge (source code, knowledge of internal debugging mechanisms,
support/technician routines) is needed before the engagement can begin. Laconicly will locate
and document vulnerabilities as well as specific recommendations for remediation in the specified product. For those organizations under strict assessment timelines, this is the fastest approach to understanding device security exposures.

Code review Assessment: In this type of assessment, Laconicly will leverage the actual source
code of the product to perform the assessment. The advantage of this approach is that actual
lines-of-code that are responsible for causing the security vulnerability are identified, allowing
developers and architects to quickly remediate the issues. The availability of the application
source code will allow Laconicly to identify vulnerabilities that may not be able to be located with a
Black-box assessment.
Security Services
645 W 9th Street
Suite 216
Los Angeles, CA 90015
[email protected]
Training Offerings
Laconicly training curriculum focuses exclusively on cutting edge security best practices , and our dedication
means our courses and instructors are informative, enjoyable, and compelling. Our courses use a virtualized
training environment in order to give students the opportunity to learn by doing. All classes include detailed
labs which will guide students through the concepts that are covered in the class. In addition to the extensive
course workbook, students receive the instructional environment, supporting documents, and tools. Students
will be able to immediately apply the concepts and skills they have learned.

We have tailored our courses specifically for engineers, developers, testers/QA, project managers, and
incident responders. Our offerings include in-depth courses on secure development practices, designing
resilient systems, analyzing vulnerabilities, and implementing sound QA practices, among others. From
individual course offerings to worldwide training programs, Laconicly can meet your organization’s security training needs.

All Laconicly training offerings can be customized in order to meet customer requirements.
Popular Training Offerings
Secure Development Lifecycle

The Security Development Lifecycle (SDL) is a software development security assurance process consisting
of security practices grouped by seven phases: training, requirements, design, implementation, verification, release, and response. Whether your organization is new to the SDL process or a review is required
in order to improve existing processes, Laconicly’s extensive background in the SDL process assures that
we can provide expert guidance on implementing a SDL in your organization. For those organizations
looking to build a robust SDL, this course is an excellent foundation.
Building a Robust Security Capability

As organizations grow and mature, the desire for an organic, in-house security capability becomes a requirement. Building a robust, sophisticated security team, along with the process and procedures for running an efficient security team can be an arduous task. The professionals at Laconicly Security have extensive experience in building security teams and developing sophisticated security capabilities. We’ve
helped build sophisticated teams for the DoD and Fortune 500. The professionals at Laconicly will help
your organization understand your current capabilities, help define needed capabilities, develop the
methodologies needed for robust security capabilities, and can even assist in the team member selection
process. We’ll lay the foundation for a successful security team and augment the team as needed.
[email protected]
About Laconicly Security Services
Our Culture
Passion for security, unwavering integrity, and a commitment to excellence are the founding principles of our culture.
Every member of our hand-picked team is committed and passionate about their work. We believe this is the only way
to consistently provide excellent customer service and cutting edge security research. Our unwavering integrity and our
commitment to excellence shows in every client interaction and every deliverable we produce. At Laconicly Security, we
also understand that we have a moral obligation to help improve the general state of security in the industry. Our efforts have been publicly recognized by industry leaders, the Department of Homeland Security, and the Industrial Control Systems – Cyber Emergency Response Team (ICS-CERT) on numerous occasions.
Security Services
645 W 9th Street
Suite 216
Los Angeles, CA 90015
[email protected]
www.laconicly.com