We Believe in Holistic Security
Technical vulnerabilities, like those tested by automated scanners, represent only a small part of the risks present on any modern network. Risks from users choosing bad passwords, ignoring policies and procedures, incorrectly partitioned partner access, unreliable services, or information overload for security operators are all part of the overall threats in todays networked environments.
To deal with the complexity caused by network architectures, industry compliance, and constantly changing security threats, we begin by breaking down the threats using our Digital Risk Management model. This model allows threats to be viewed at a high level without leaving out the individual issues that might be present at technical level. We then go into depth in each area to provide the details for the specific recommendations and action items can be taken to mitigate risks across the organization. We will provide a detailed list of each step during an review so that team members understand what will be investigated and the types of risks we commonly see in each area.
A "one size fits all" approach to network security does not work. Instead of relying only on commercial test packages, we at EGS put our experience to work for you. We analyze each network for new and unique threats and vulnerabilities and develop tools specific for your network, working with you to ensure that the risks present are understood, and the recommendations are appropriate for your network and mission.
Experience at Work
En Garde has been in business since 1994. Our core competencies and skills include all technical aspects of computer security, software forensics, security software verification and validation, penetration testing, vulnerability analysis of Internet connected systems/networks, intrusion detection, response, and investigation. We have performed network and software penetration tests, analyzed seized systems to extract legal evidence, and tracked hackers in cases where arrest warrants were issued.
We often work directly with upper-management, even providing ideas and input on a daily basis in some cases. Frequently, we are asked to review the work of other contractors and make final recommendations to management. En Garde personnel are also active in the security community. Our staff has presented papers and tutorials at technical conferences and symposia, taught courses and seminars on Internet security, and given expert testimony before a congressional sub-committee on National Information Infrastructure security issues.