Security Assurance

We have assisted many product and application vendors in demonstrating their committment to security not only to their management but also to their clients. Such engagements normally span multiple phases, including:

• Threat Modeling
• Penetration Testing (network & application)
• Architecture Reviews
• Source Code Reviews
• Server Configuration Reviews

We also support you in any post-assessment communications necessary to help present the strongest security posture of your solution to your customer.

Employee/Customer Awareness Program Development

As technological security controls protecting critical IT resources have continued to grow and mature, attackers have shifted their focus back to end users.

This shift has resulted in a rise in social engineering attacks in the form of spear phishing and telephonic impersonation. To thwart the successful execution of such attacks, it is critical that organizations establish an effective user awareness program. Intrepidus Group can assist organizations in this endeavor by:

• Develop, deliver and manage comprehensive user awareness programs
• Conducting baseline user awareness assessments
• Developing poster and email campaigns
• Delivering training sessions that include real-world case studies
• Establishing a user awareness assessment platform that includes periodic phishing exercises to educate those found susceptible, and continually collect metrics

Our user awareness programs have demonstrated significant improvements –at organizations of all sizes, ranging from small businesses to large Fortune 500 companies.

Software Development Lifecycle Security Review

It has been proven, through empirical studies, that the cost of fixing software security flaws increases exponentially at every stage of the SDLC. Thus, tackling a software bug in design is significantly more cost effective than doing so post-development. Intrepidus Group assists organizations in adapting their SDLC to include security mechanisms at appropriate stages, while minimizing the impact of the changes on development times.

Our consultants have assisted both large Fortune 500 companies having a mature SDLC, as well as small development teams that follow a rapid application development (RAD) paradigm to infuse security into the processes.

Bottom line: It's really important that your people stay on top of the security landscape, as it changes rapidly. A common bug today may be significant security vulnerability tomorrow. With Intrepidus Group, you can quickly and efficiently integrate the needed measures that lead to improved software security.

Vulnerability Management Program Development

Security is similar to many other areas in that prevention and early detection are more cost-effective approaches to employ than recovery. However, the lack of formalized vulnerability management programs can result in organizations spending more time reacting to security situations than proactively protecting themselves from emerging threats.

An effective vulnerability management program allows an organization to establish the appropriate people, process and technology components so that it can determine where its vulnerabilities lie and what cost-effective steps are most appropriate to take to mitigate the associated risk.

Intrepidus has worked with multiple organizations across industry verticals over the last several years in assisting with efforts related to vulnerability management. Thus, Intrepidus has the perspective to help organizations decide how to structure their programs so that they develop the infrastructure needed while outsourcing capabilities that are not appropriate to perform in-house.

Online Intelligence Gathering and Reputation Management

The threat of infiltration by competitors and leaking of information/Intelligence from those within is very real. Don’t let publicly available information blunt your new product launches and your ongoing marketing campaigns. Details concerning decisions, discussions, industry secrets, phone calls, estimates and bids can tip the scale out of your favor in an instant.

The Intrepidus Group develops comprehensive Intelligence Gathering Programs to support your unique Information Gathering requirements. Having this information will allow timely threat intelligence response and tightening of your corporation’s security perimeter.

Don’t be the last to know about the information leaking from your organization.