IT and Cybersecurity Services

This is a short list of our capabilities. Contact us to see exactly how we can help you.


CISO as a Service

The CISO advises the executive team on how the organization needs to meet security requirements to do business in their given industry. The CISO oversees a team that has a view of the risks facing the enterprise and puts in place the necessary security technologies and processes to minimize the risks to the organization. They are empowered to communicate risks to decisions makers and take action independently when necessary. They also advocate for investment and resources to ensure security practices are given appropriate attention.

Chief Information Officer (CISO) as a service.

  • We will fill that gap and provide guidance and direction for C-Level executives, security engineers, operations staff, and developers.
  • We integrate with your environment in order to provide a rich toolbox of capabilities.
  • Introducing guidance and direction related to all things security while keeping key business objectives in mind.
  • Working on policies, procedures, compliance initiatives, and technical implementations or any other project needed by the company.

Compliance

Almost every organization has to deal with some sort of compliance. It may be mandated upon them by an overseeing body. This might be something along the lines of the Payment Card Industry and their PCI-DSS compliance. Or, an organization may want to become compliant in order to have the advantage on their competition. Customers like the feeling that their data is being secured to the best of the industries abilities and they tend to go with companies that can prove it.

There are so many different compliances out there. Regardless of what sector your business operates in we can help. We will help you meet the regulation or guideline that your industry and customers demand.

The following are some of the assessments we perform:

  • Information Security and Operational assessments
  • HIPAA
  • NIST 800-53
  • ISO 27001
  • The Cloud Security Alliance (CSA) STAR Self-Assessment
  • General Data Protection Regulation (GDPR)
  • PCI-DSS

System Hardening

Hardening is the process of limiting the attack surface of a system or device by tuning or disabling services to meet the best security stance. This is usually done by following recommended standards or industry best practices. Normally, we following the Center for Internet Security (CIS) benchmarks. We can also utilize DISA's Security Technical Implementation Guide (STIG) as requested by the customer or if the customer is mandated by the DoD.

We utilize configuration management utilities such as Puppet or Ansible to ensure every system meets the same security baseline. These templates can either be passed onto the customer for further implementation or we can continue to assist as needed.


Firewall Auditing

In addition to system hardening, we also perform firewall auditing and remediation services. They are reviewed against industry best practices along with any compliance initiatives that the company falls within such as PCI-DSS.

At the end of the engagement, a detailed write-up along with recommendations is provided to the customer for action. We can also assist in the remediation efforts if requested.



Vulnerability Management

Vulnerability management is the process in which vulnerabilities in IT are identified and the risks of these vulnerabilities are evaluated. This evaluation leads to correcting the vulnerabilities and removing the risk or a formal risk acceptance by the management of an organization.

We'll help you find the vulnerabilities before they become a problem and assist or perform the remediation service.

  • Internal and external vulnerability scanning. This can be a one-time or ongoing engagement.
  • Internal and external penetration testing.
  • Static code analysis assists in finding common coding flaws prior to or just after release.
  • We follow OWASP best practices and assist in educating developers and IT staff.


Cloud Services

AgileSecOps can provide the guidance needed to help you make a smooth transition to the cloud. We can provide:

  • Guidance on setup and implementation
  • Review of your current cloud environment for security and cost enhancements
  • Configuration assistance to make the most of your cloud environment or if you are just now transitioning to the cloud
  • We can also take over the management of any cloud environment

One item that I think a lot of companies overlook is how secure that cloud application they want to use really is. We can perform a security risk assessment on the application and provide you with what's needed to make an informed decision on what provider or application to go with.

Even if you want to outsource you entire solution we can handle it.


DevOps

We love to automate almost anything.

  • We have proficiency in tools like Puppet, SaltStack, Ansible, Python Fabric and if it hasn't been created we can write it.
  • Our DevOps capabilities are second to none. We can either integrate with your current DevOps team, build the practice up for you, or perform the activities as an outsourced project.

Let's not forget to involve Security.

Security is normally a team that works in a silo or something that is bolted on after the fact. We like to include Security into the DevOps process.


Managed Services

Many companies today are saving money by outsourcing aspects of their IT support. AgileSecOps offers a wide variety of managed services. The following is just an example of what we can do for your company.

24/7 Monitoring of your infrastructure

  • We will take over your current monitoring or stand up new monitoring capabilities.
  • Respond to alerts, remedy issues, or escalate to the proper individual.
  • Work with your core team to ensure monitoring is effective and add or adjust monitoring as necessary.

Patch Management

  • We will take over your current patching toolset or stand up one if required.
  • Work with the organization to deploy the appropriately vetted patches per company standards and procedures.
  • Perform a follow-up vulnerability scan to ensure all systems are secure.

Firewall and Security Appliance Management

  • We will take over the responsibilities of managing and updating your companies security appliances.
  • Work with your change management procedures to make changes.
  • Provide monthly reporting on changes and security appliance activities.

Configuration Management

  • We will take over or install Ansible or Puppet within your environment.
  • Work with the developers and operations staff to create automation, utilizing the tools above, to speed the process of deployment and enhance security.

Internet of Things (IoT) Security

The Internet of Things (IoT) isn't anything new. I first started working with the concept and devices back in 2008. The one thing that is new is how Security has taken a front row seat in the conversation of IoT. Here are some items that you should be doing to secure your IoT devices:

  • Understand and profile the device to identify network connectivity needs.
    • Does it need Internet access? If so, then what IPs or URLs does it need to connect with?
    • ACTION - Put network rules in place to only allow the device to communicate on the Internet to the required IPs or URLs.
  • Does it need to communicate to other devices on your local network? If so, then identify where on the network.
    • ACTION - Put network rules in place in order to segment the IoT devices from the remainder of your network and only allow communication to areas that are needed. Be very precise and strict with your network rules.
  • Does the IoT device require a user login? If so, then these should be centrally managed either by the vendor for smaller scale deployments or by the IT department for larger scale deployments.
  • Are they wireless devices that could hold proprietary information? If so, then there is a risk of one of these devices getting lost.
    • ACTION - Employ monitoring of IoT devices with the ability to perform geolocation. There are several products on the market that will allow you to perform this depending on how the IoT device is connected. Alert when a device roams outside of its allowed location.

Finally, you should make sure that all of the IoT devices are patched with the most recent firmware.


For additional information on how AgileSecOps can help your business, or to schedule a discovery call, contact us at the email below.

Contact us: info@agilesecops.com