Vigilance™ Vulnerability Management Service
As technology advances, so do malicious actors. Cybersecurity breaches are increasingly more common, making it essential to identify gaps in real-time to protect your critical IT assets and protect your organization from a potentially devastating impact. At Intrinium, we utilize by state-of-the-art vulnerability scanners that perform internal and external scan audits across network devices, servers, web applications, databases, and other assets. The key to vulnerability management is proactive communication and persistence. Our team is consistently identifying, classifying, prioritizing, mitigating and providing remediation for our client’s software vulnerabilities.
This service will provide the following:
Identify Exploitable Vulnerabilities
External and internal scanners safely and accurately detect security vulnerabilities across your network and cloud environments. Accurate scanning eliminates the complexity associated false alerts.
External Vulnerability Scan
Remote security scanning evaluates the perimeter network for vulnerabilities and weaknesses.
Reports are cross-reference identified vulnerabilities with the Common Vulnerabilities and Exposures (CVE) database to present your risk exposure rating, based on industry best practices.
Internal Vulnerability Scan
Evaluates the internal vulnerabilities often overlooked and left unchecked.
This proactive approach allows configurations before the attackers do.
The following deliverables will be offered dependent upon on preference:
We are here to help, contact us today.
Understanding Incident Response, Planning and Cyber Insurance
In less than one year, we’ve seen whole cities taken out by ransomware with no business continuity or disaster recovery plan in place to bring themselves back up- but it’s not just cities that don’t have a plan for when a catastrophe (digital or physical) hits.
Having a plan to restore business operations will save time, money, and stress, but that’s half the equation. The other half is to practice the plan, make sure all the moving pieces fit together and make sure everything is practical and timely. Enough businesses have spent six digits or more due to not having an incident response plan- set your business and your industry apart.
Incident Response Plans: More Planning, Less Panic
In less than one year, we’ve seen whole cities taken out by ransomware with no business continuity or disaster recovery plan in place to bring themselves back up- but it’s not just cities that don’t have a plan for when a catastrophe (digital or physical) hits.
Having a plan to restore business operations will save time, money, and stress, but that’s half the equation. The other half is to practice the plan, make sure all the moving pieces fit together and make sure everything is practical and timely. Enough businesses have spent six digits or more due to not having an incident response plan- set your business and your industry apart.
Gap Analysis 101
f you have spent any time around information technology or people who work in information security, you have probably heard terms like “risk assessment”, “audit”, and “gap analysis”. Sometimes they are used almost interchangeably. However, each has a specific objective to help stakeholders understand their data environment.
While an audit is used to identify control effectiveness and a risk assessment can identify what controls can be implemented to reduce risk, the gap analysis is designed to do exactly what it states – to identify gaps between the current environment and the organization’s required or desired state. This may be a specific regulatory compliance objective, such as how the organization meets the requirements of the HIPAA Security and Privacy Rules or PCI-DSS. In many cases, an organization may want to be able to claim that they are compliant with an information security standard, such as ISO27001. In other instances, the organization may have developed a roadmap for where they plan to be in the future, and want to identify the current progress and next steps. A gap analysis can provide essential feedback for all three examples.
BSides Portland 2019 Recap
At Intrinium, we strive to offer as many opportunities as possible to further education, encourage team collaboration, and networking across our industry. Last weekend, our Managed Security Services team headed to the Portland Convention Center for BSides Portland...
The Basics of Security Awareness Training , Part 1
By James Lee - Information Security Analyst: Team Lead - Intrinium Introduction Chances are, you or someone you know has fallen victim to some Information Security attack. Whether it was someone attempting to brute force their way into one of your accounts, or an...
MAXX 2019: Annual Convention, CU4Kids Auction, and Annual Business Meeting Recap
In support and commitment to our credit unions, we have spent the past two days at the MAXX 2019: Annual Convention, CU4Kids Auction, and Annual Business Meeting held at the Spokane Convention Center. The event hosted Pacific Northwest credit unions, board members and...
BSides Sacramento: The Recap
This past weekend, Partner and Advisory CISO, Stephen Heath attended the inaugural BSides event in Sacramento, California. BSides is a national Information Security conference that takes place throughout the nation, it is 100% volunteer organized to continue to...
Tips and Tricks for Securing Ellucian Banner
Ellucian has developed a suite of software to support the transformative impact of higher education. Their software suite provides vital tools that are used to empower higher education institutions the ability to utilize the software, and its capabilities in whichever...
Building an InfoSec Program from Scratch, Part IV – Choose the right tool
By Stephen Heath - Partner and Advisory CISO - Intrinium When a new CISO arrives in an organization, they will often walk in expecting to review, assess, build upon, and (sometimes) undo the work of their predecessor. Obviously, this can be a daunting and unique...
Building an InfoSec Program from Scratch, Part III – Communicate the Risk
By Stephen Heath - Partner and Advisory CISO - Intrinium When a new CISO arrives in an organization, they will often walk in expecting to review, assess, build upon, and (sometimes) undo the work of their predecessor. Obviously, this can be a daunting and unique...