Technical Project Security Review
Whether it be system integration or new technology solutions, our expert security architects can review projects for security issues and advise on both security controls and core technology requirements. This can be performed remotely or on-site, with emphasis on design documentation or the technical implementation and configuring of each element.
Cyber Security Product Integration
Identifying key security controls to protect information is crucial to securing the overall technology environment. Praesidium Cyber can implement these controls into your existing network and system architecture and develop the policies and procedures needed to ensure it correct operation.
Our engineers work with clients to implement recommendations provided in our professional services. This may include the overall security architecture, system engineering and product deployment. We will also appraise the capability of an individual technology or an overall security domain to meet your security requirements.
Security Architecture Reviews
It may be the case that your organisation has an already robust security control environment and is seeking validation on its implementation and operation. Our expert consultants can advise on network integration, access control, intrusion detection, encryption standards and user authentication practices that are active in your IT environment.
The Security Incident and Event Management system (SIEM) is the cornerstone of any effective security operations practice. Praesidium Cyber provides advice to clients on the optimization of both data usage to and security alerting to reduce costs and improve productivity. We use data science methods combined with our SOC architecture knowledge to assess your SIEM. Optimising logging infrastructure, data types, alert types, rule sets, integrations, workflow, architecture and deployment we provide real security value. Types of SIEM products may include Splunk, IBM Q-Radar, McAfee ESM, AlienVault, LogRhythm and ArcSight.
A vulnerability assessment contains two parts, a technical assessment to find vulnerabilities in your IT environment and a review of the policies, procedures and controls that are used in your organisation. As part of the technical assessment, we prioritise vulnerabilities based on business context and threat intelligence, so that critical vulnerabilities are highlighted for quick remediation. We not only assess internal networks, but we also scan external facing infrastructure and look for evidence of leaked credentials and unauthorised use of domain information in the dark web.
Cyber Incident Response and Forensics
During a cyber attack, having a well thought out incident response plan is crucial to minimising damage. Praesidium Cyber works with our clients to create effective incident response plans which include identifying key stakeholders, their roles and responsibilities, what constitutes a critical security incident and the steps to contain, eradicate and recover business systems as soon as possible.
Our expert analysts provide incident investigation services using the Prepare, Identify, Contain, Eradicate and Recovery response framework. Praesidium Cyber also performs forensic investigations including root cause analysis.
Responding to an incident can be highly complex and costly. Done well however, incident response can have positive outcomes for organisational reputation and resilience. We assist organisations with crisis management, technical, legal / regulatory, communications and reputation management and support.