CYBERSECURITY RISK ASSESSMENT AND PENETRATION TESTING FOR BOCES PARTICIPATING SCHOOL DISTRICTS RFP #2416
OUR DIFFERENTIATORS Global Risk Atlantic has a deep understanding of “Risk Assessment and Penetration Testing” on a Assessment global scale and can significantly impact your school’s efforts toward greater productivity through technology and process enhancements, while reducing cost. Intelligence-driven Atlantic’s intelligence -led penetration testing employs the same tools, tactics, and penetration procedures actively being used by cyber adversaries as they pertain to your business. testing Except now they’re working for you. Unique State of Our application security assessment will investigate all components of the software you the Art develop and the underlying technologies. Testing explores all possible avenues of attack Application to ensure that your application can be deployed securely and with confidence. Security Software Human Based Atlantic puts a human behind the wheel. Many web application assessments are highly T echnology automated. They produce a high volume of false positives, and overlook application behavior that an expert security analyst would find. Our findings are validated and our Solutions consultants will work with your development staff to make sure that no stone is left unturned and that the results of your assessment are accurate.
OUR OFFER Dedicated Project Manager to preside over the operation of the proposed test. Full service office technology provider with five network operation centers for all your school’s cybersecurity needs . Total Quality Commitment — Atlantic Seal of Satisfaction. Remote monitoring for proactive maintenance, network monitoring, alerts and unit diagnostics integrated into our solution. Predictive analytics tools combined with machine learning artificial intelligence software to anticipate potential threats. Atlantic DOES NOT SEEK reimbursement for travel, lodging, subsistence or other out of pocket costs incurred in connection with this engagement.
OUR SERVICES PROVIDE AN INTEGRATED SOLUTION THAT USES OUR ADVANCED PROPRIETARY SOFTWARE Application and Network Penetration Infrastructure Security Security testing for T esting Assessment Web and Mobile Apps • Security’s Intelligence Led • Visibility, Detection, Response & Penetration Testing Methodology Containment 24/7/365 • Intelligence Gathering: is aligned with the industry • OWASP Web Application Testing accepted PTES (Penetration Methodology Testing Execution Standard). Vulnerability Scanning Phishing Expeditions Deliverables : for Networks and • Threat Modeling: • Report to include: Findings Details, Proof of Applications Concept (Screenshot, Code Snippet, or • Exploitation: Video – where applicable), References • Post Exploitation (Vendor Bulletins, Common Vulnerabilities • Vulnerability Analysis: and Exposures, US-CERT Advisories, Weaponized Malware), Risk Scorecard, Cyber Kill Chain Phase, Recommendations for Remediation, and Affected Asset(s).
INTEGRATED INTO ONE PLATFORM SOLUTION: PROVIDING VISIBILITY, DETECTION, RESPONSE & CONTAINMENT 24/7/365 Network Security State-of-the-art technology and years of expertise allow us to provide network and Monitoring:: endpoint security monitoring Asset Discovery & Find all assets on your network before a bad actor does with active and passive network Inventory: discovery. Identify systems that are vulnerable to exploits with active network scanning & Vulnerability Assessment: continuous vulnerability monitoring Detect & respond to threats faster with our built-in network IDS, host- based IDS, & file Intrusion Detection: integrity monitoring Instantly spot suspicious network behavior with NetFlow analysis, service monitoring, & Behavioral Monitoring: full packet capture Quickly correlate & analyze security event data from across your network with built-in SIEM & Log Management: SIEM & log management Endpoint Security Continuous Endpoint Monitoring & Visibility; Threat Intelligence for Prioritization & Attack Monitoring: Action Instant Root Cause Analysis & Investigation One-click Isolation, Live Response & Remediation Endpoint Threat Banning Stopping threats at the endpoint
ENGAGEMENT WITH PREDICTIVE ANALYTICS TOOLS COMBINED WITH MACHINE LEARNING ARTIFICIAL INTELLIGENCE SOFTWARE Integrated Solution Simulation of complex Unique Discovery Methods systems • Complex mapping activities • Comprehensive sensitivity analysis • Standardized, domain-specific Excel • Qualitative and quantitative impact are • Holistic risk model analysis templates designed and knowledge modeled between each discrete set of • Each risk model is duplicated in captured from organization parameters Expertool • Templates are imported into Expertool, • Software identifies all discrete values in • Software identifies and links shared data systematically integrated by each data each parameter across the entire data points point, gaps & discrepancies identified set and combines them into one class • Additional rules and relationships can be • Software links each unique value to all supplied by experts/literature occurrences across parameters • Simultaneous Monte Carlo simulations • The scenario for each unique value is are run, with cross-model intermediate computed and output to Excel or other impacts processed software. 6
TEAM MEMBERS Peter Fiorillo, Justin Schwartz James Talilento Russell CPA MPH CISSP , GSEC, Safirstein, CPA GCIH, GPEN, • (631) 806-2108 • (917) 647-3431 • (516) 551-5546 GCFA, GCIA, GMON, CEH, SCYBER • (646) 868-8128 7
Recommend
More recommend