Consulting

We work with you to shape engagements and provision them with the right IANS Faculty experts. Your project will never be staffed with junior level consultants. We do what we say we'll do, on time, at a fixed cost. Our expertise is built from hands-on experience. We staff your project with doers who recommend actions, and then help you take them.

video-thumb-dave-shackleford
Dave Shackleford, IANS Faculty

Why work with us?

Vs

Consulting Firms

Big name firms that seem like "the safe choice" too often staff your projects with whoever happens to be on the bench. And then they farm the engagement for more work.

Vs

Analyst Firms

Analysts are great for sorting through the vendor landscape, but they're not going to roll-up their sleeves to work for you. Their knowledge is most often theory-based and comes largely from surveys and vendor interviews.

IANS Consulting

  • Recommendations and guidance combined with ongoing Decision Support insights
  • Led by world-recognized information security experts who have hands-on experience
  • Diverse knowledge and skills across IANS Faculty community
  • Objective basis for organizational discussions on security and resources needed to do the job

Consulting Service Offerings

Penetration Testing

Learn More

Active Defense

Learn More

Security Assessments

Learn More

Training & Keynotes

Learn More
 
 

Penetration Testing

Aligned with the Penetration Testing Execution Standard (PTES), we perform in-depth assessments of internal and external networks, web and mobile applications to identify programming errors, configuration weaknesses, or faulty assumptions about user behavior. Both manual inspection and automated scanning tools are used to identify vulnerabilities. We can test:

  • Web Applications
  • Internal, External, and Wireless Network
  • Mobile Applications

 
 
 

Active Defense

Test controls while improving detection and response with attacker, purple team, and threat hunting engagements.

  • Attack Simulation: Starting with access to your internal network, testers follow the tactics, techniques, and procedures of modern attackers to escalate privileges, move laterally within your environment, and gain access to sensitive client data.
  • Purple Teaming: Working transparently and collaboratively with your defensive team, our testers carry out a multitude of attacks with the goal of showing how modern tools and techniques are used. This is combined with tuning and detection capabilities to ensure attackers aren’t able to work undetected.
  • Threat Hunting: We analyze patterns of activity within your environment to identify behavior that may indicate a compromise – or a quiet but active attacker on the network. We either bring proprietary tools or use what clients already have.

 

 
 

Security Assessments

Understand what’s working well and what needs attention with a comprehensive review of technical controls in place, governance, and process along with a roadmap of action.

  • Security Program: Maintaining security program effectiveness over time requires that it be tuned to reflect changes, not only in technologies, but in business processes and people. A security program assessment project typically runs 6-8 weeks, and its output can be mapped to common frameworks such as NIST, ISO, COBIT, and HighTrust.
  • Cloud Environment: This assessment captures the wide variety of cloud initiatives and differing levels of maturity among business units and third parties to provide a unified view of the target organization’s current state of cloud security. This view includes what’s working well, what needs to be fortified, and detailed recommendations for maturing the cloud security posture.

 
 
 

Training & Keynotes

Increase skills and understanding through tailored, hands-on training of your IT and security staff.

  • Training: Small, focused working groups that drive both common understanding and objectives are invaluable as security organizations work with IT and business peers. We also conduct a number of technical security trainings tailored to application developers or IT operations audiences.
  • Keynotes: Build understanding and awareness through keynote speeches.

 

 
 

Our Faculty

This group of over 50 hands-on practitioners understands the key issues you face and delivers actionable recommendations, research, and step-by-step guidance on achieving fast and successful results.

 
 

Success! Thanks for filling out our form!

* Required Fields