Full Stack Cyber Security Provider
Additional Information
- Vulnerability Assessments (VA) − Independent expert review for a diverse set of potential vulnerabilities across a wide range of technologies.
- Penetration Testing
- Vulnerability Assessments
- Vulnerability Research Exploit Development
- Open Source Data Collection
- Phishing
- High Value Targets
- Incident Response Testing
- Incident Handling
- Incident Response
- Network Monitoring
- Log Collection / Correlation
- Threat Intelligence
- End Point Protection
- Automated Response
- Policy / Consulting
- Web Application Assessment
- Software Assessment
- Manual & Automated
Our Influences ...
Developed the US Army's Threat Emulation (Cyber OPFOR), to simulate Cyber Attacks while Combat Arms units trained during War Games.
Created the Pentagon's Vulnerability Research & Exploit Development (VRED) Credited with 14 CVEs
Pentagon Red Team DHS NCCIC/NCATS Commercial Financial Sector; All Tier 1 assets in the United States
Close the deal
Pentagon PENTCIRT DHS ENTERPRISE SOC DHS CBP SOC United States Cyber Command Commercial SOC as a Service
Close the deal
Close the deal
Presentations at Security Conferences Training (Personalized) Blogs Software Sharing (GitHub)
Close the deal
Close the deal
Close the deal
Defense in Depth - Assume Breach Methodology
Application Security Assessment Solutions
Additional Information
Assessment of security posture of 3rd party or custom developed applications across a wide range of operating platforms and attack perspectives.
- Web Application Vulnerability Assessments/Penetration Tests
- Mobile Device Application Testing
- Application Vulnerability Assessments
- Vulnerability Research & Exploit Development
Credited with over 15 CVEs for discovered vulnerabilities
Social Engineer Assessments Solutions
Impact analysis of a successfully executed social engineering campaign in a controlled environment
- Open Source Intelligence/Information Gathering (OSINT)
- Spear-Phishing, Pretexting Campaigns
- Non-Technical Tests including Baiting, Tailgating, Dumpster Diving, among others
- Training
Red Team Assessments Solutions
Emulation of advanced attack profiles (e.g., nation-state, highly funded criminal organization, Hacktivism)
- Assessment of advanced defense and detection capabilities
Insider Threat Program
Identifies potential ways an insider could threaten your organization
- Know what is at stake
- Align insider threat with business continuity
- Know your critical systems
- Trust but verify
- Prevent breaches
Cyber Hygiene (CyHy)
Gray Tier’s own developed variety of proactive services which evaluates an organization’s external security posture
- Open Source Intelligence/Information Gathering (OSINT)
- Spear-Phishing, Pretexting Campaigns
- Continual Vulnerability Identification
- Dark Web, Credential Leaks, Domain Masquerading
Security Operations Center as a Service (SOCaaS) Security In
