Вы находитесь на странице: 1из 5

praeTorian overview / p1

Praetorian ComPany overview


The experTise and inTegriTy of our informaTion securiTy consulTanTs are TrusTed by Todays leading organizaTions

why choose praeTorian Our teams superior technical prowess and business acumen Comprehensive and actionable deliverables, relevant to your organization and stakeholders Our advanced, time-tested and thorough methodologies

Our team delivers business enablement solutions through information security and risk consulting, advisory, and assessment services. Praetorian Professional Services balances the benefits of strategic security consulting with a tactical, hands-on approach to technology consulting and security training. From a strategic standpoint, Praetorian provides enterprise security program consulting that aligns security initiatives with an organizations overall business objectives, corporate governance, and regulatory requirements. From a tactical perspective, Praetorian performs in-depth technical assessments of supporting IT infrastructure and client facing products. As a consultative firm, Praetorian brings many years of experience to the table and our in-depth understanding, technical prowess, and business acumen add significant value in enhancing our clients security posture. Through time-tested, thorough methodologies, our consultants will improve your organizations security posture and maintain risk to an acceptable level.

Superior Technical Prowess


All consultants come from a computer science, engineering, or information systems discipline. Our team members include published authors, federal security policy and program contributors, patent holders, open source developers, industry researchers, thought leaders, and conference presenters.

Trusted Business Acumen


Our teams superior business acumen is derived from a wide range of backgrounds and specialties. Previous employers include Symantec, McAfee, MIT Lincoln Labs, Rapid7, Sun Microsystems, Dell, IBM, Cisco, Morgan Stanley, Citi, National Instruments and PricewaterhouseCoopers.

ready To geT sTarTed? Contact us at 1 (800) 675-5152 to learn how Praetorian security services can help you accomplish your specific business and IT goals, or explore more by visiting: www.praetorian.com

Comprehensive Reporting
Deliverables include comprehensive reporting that is valuable to both the technical and executive levels. For technical staff, we detail the immediate threats across your enterprise and recommend the appropriate responses. For executives, we clearly communicate systemic issues and solutions, prioritizing risk management strategies based on resource constraints and risk goals.

Risk Management Success


Praetorians risk assessment and management solutions use an optimal balance between people, process, and technology. Risk management is the key to a successful security strategy. We help organizations identify risk related to their information security and prioritize those risks so that they can allocate resources in the most cost effective way.

1 (800) 675-5152
www.praetorian.com

Pr aetorian
your world, secured

praeTorian overview / p2

your trusted seCurity advisors


Today, creating a truly secure IT infrastructure requires access to highly specialized knowledge, intelligence, and expertise in order to stay at least one step ahead of the evolving risks. Because Praetorian is an authority on information security, your business can leverage our subject matter expertise to solve these challenging business problems. We offer a comprehensive portfolio of security services and solutions tailored to meet specific client requirements. During each engagement, Praetorian consultants meet with you regularly and communicate high-risk findings immediately. At the end of each engagement, we deliver a comprehensive report that is valuable to both the technical and executive levels. For technical staff, we detail the immediate threats across your enterprise and recommend the appropriate responses. For executives, we clearly communicate systemic issues and solutions, prioritizing risk management strategies based on resource constraints and risk goals. Praetorians risk assessment and management solutions use an optimal balance between people, process, and technology. Risk management is the key to a successful security strategy. We help organizations identify risk as it relates to information security and prioritize those risks so that resources can be allocated in the most cost effective way. We also work with organizations to identify an appropriate risk management strategy.

Clients We Serve

we acT as TrusTed advisors who help organizaTional leaders beTTer undersTand and minimize overall risk across iT asseTs, so They can focus on whaT is imporTanT Their core business.

Praetorians expertise and client base spans all major verticals. We regularly provide expertise to Fortune 500 companies across the financial, technology, healthcare, insurance, oil & gas, and manufacturing sectors. Our team is trusted by todays leading organizations, including:

Our team is trusted by todays leading organizations, including:

risk managemenT sTraTegies Mitigate risk through security remediation and countermeasures Transfer risk contractually to a third party, or insurance provider Avoid risk by eliminating an existing online or network capability Accept risk based on clear understanding of exposure and organizations appetite for risk

In addition, Praetorian provides considerable consultation to government and education institutions around the United States. Because of our wide range of experience and subject matter experts, several major consulting firms also leverage Praetorian as a trusted partner on an ongoing basis.

1 (800) 675-5152
www.praetorian.com

Pr aetorian
your world, secured

praeTorian overview / p3

strategiC Consulting overview


Every organizational leader should be concerned about the integrity, confidentiality, and availability of their key information assets and resources. However, many organizations lack the internal expertise required to properly develop and implement unique security policies, standards, and guidelines that are tailored to specific organizational needs. As operational environments change, these organizations will also benefit from a strong partner to assist them through an ongoing risk management lifecycle. Praetorian delivers specialized policy and controls for organizations at every security maturity level. Our consultants leverage their in-depth knowledge of industry standards and best practices to help deploy a baseline set of security controls across all systems within your organization and then specialize that security plan for the specific mission, environment of operation, or technology. Our aim is to develop policy and control sets driven by a customized risk management framework that serves the unique needs of each client, while helping their organization defend its systems to the greatest extent possible.

did you know that our team is a contributor to nisT sp 800-53 rev 4?

enterprise security program


Security Governance Review Secure Software Development Life Cycle Incident Response Program Development Strategic Security Plan Development Business Continuity Planning (BCP) Security Awareness Program Development Vulnerability Management Program Dev

policy and procedures


ISO 27001, NIST 800 Policy Gap Analysis ISO 27001, NIST 800 Policy Assessment ISO 27001, NIST 800 Policy Development Directive Enterprise Model Policy Development Stand Alone Policy Development Standards, Procedures, and Process Dev Software Policies, Procedures & Standards

privacy and compliance


Compliance-Based Risk Assessment (HIPPA, SOX, SB-136) PCI Services Regulatory/Compliance Check Program Identify Theft Red Flags Assessment

risk management
Enterprise Wide Risk Assessment Application or System Focused Assessments Risk Assessment Framework Development Third Party Risk Assessment

1 (800) 675-5152
www.praetorian.com

Pr aetorian
your world, secured

praeTorian overview / p4

taCtiCal assessments overview


Obtain an accurate understanding of your security and risk posture, while ensuring compliance with industry regulators and information security best practices. Praetorian consultants come from strong software development and network security backgrounds. This experience brings the proper insight and perspective to bear on your unique environment. Through, thorough methodologies, our consultants assess your security exposure and provide mitigation strategies, and assist in remediation efforts. We deliver comprehensive reporting, relevant to your organization and stakeholders. Praetorian takes a highly-customizable approach to security testing. We combine our in-depth knowledge with the use of industry standards, applicable regulatory requirements, and you specific business goals. Engagements are scoped to include one or more service lines depending on the needs of the client.

did you know that nathan sportsman, praetorians ceo/founder, is a contributing author to several editions of hacking exposed, the worlds #1 selling book on information security?

application security
Secure Coding Policy Creation Security Requirements Review Threat Modeling Architectural Risk Analysis Source Code Review Application Assessment Web Services Security Assessment Web Application Assessment Mobile Application Assessment

network security
Internal Assessment External Assessment Firewall Assessment VPN Assessment Modem Security Assessment (War Dialing) Wireless Security Assessment Social Engineering Host Security Configuration Assessment Network Architecture Assessment Mobile Security Assessment Physical Security Assessment Virtual Infrastructure Security Assessment

1 (800) 675-5152
www.praetorian.com

Pr aetorian
your world, secured

praeTorian overview / p5

seCurity training overview


Praetorian, a leader in the information security industry, offers security education programs designed to support the evolving needs of Developers, General Staff, and IT Professionals. Software programmers, architects, and quality assurance testers, or anyone responsible for maintaining and protecting the organizations software and intellectual property, should consider taking Praetorians security training courses. We also offer on-demand security and privacy awareness training that helps people in your organization better understand how to protect valuable information. For many organizations, the human element is often the most overlooked attack vector. Ironically, people are typically one of the easiest vulnerabilities to exploit and an attacker needs little more than a smile or email to completely compromise a company. With targeted attacks on the rise, organizations must understand the risk of social engineering based attacks. Comprehensive security training helps mitigate this growing threat. interested in instructor-led Training? please contact us for a custom plan.

security is everyones responsibility. Transform your team in to responsible stewards of organizational data.

computer-based Training
Fundamentals of Application Security Software Security Awareness Six Fundamentals of Information Security Fundamentals of Secure Development Fundamentals of Secure Database Development Understanding Secure Code JRE, C/C++, Windows, Windows Vista, .NET 4.0, .NET 2.0 Web Vulnerabilities Threats and Mitigations Introduction to Cross-Site Scripting with JSP or ASP.NET Creating Secure Code ASP.NET, C/C++, J2EE, C# Integer Overflows Attacks and Countermeasures Buffer Overflows Attacks and Countermeasures Fundamentals of Secure Architecture PCI Best Practices for Developers OWASP Top 10 - Threats and Mitigations Architecture Risk Analysis and Remediation

Introduction to Security Tools and Technologies Introduction to Cryptography Creating Secure Application Architecture Microsoft SDL for Managers Introduction to the Microsoft SDL How to Define Software Security Requirements and Design SDLC Gap Analysis and Remediation Techniques Introduction to Threat Modeling Attack Surface Analysis and Reduction How to Perform a Security Code Review Fundamentals of Security Testing Classes of Security Defects How to Test for the OWASP Top 10 How to Break Software Security Exploiting Buffer Overflows

1 (800) 675-5152
www.praetorian.com

Pr aetorian
your world, secured