logo

Select Sidearea

Area for extra info, links, etc.
[email protected]
+(610) 816-010

The Operating System for CyberSecurity CyberSecurity Resource Planning (CSRP) The critical elements required by all Cyber Programs. Map your goals. Understand the Landscape. Identify your Problems. Prioritize your remediations. Track your Progress. CSRP is the Operating System for CyberSecurity. Discover How Integrated Risk Management Reducing Silos between Audit, Compliance, Risk, IT, and Cyber Teams Rapid implementation of a mature and continuous program. Regulatory Alignment. Controls Adoption. Policies Defined. Audits Implemented. Risks Identified, reduced, planned for, and tested. Responsibility and Accountability assigned. Silos destroyed. Discover How Network Mapping - Vulnerability Reduction Identifying the Vulnerabilities from Within The granular elements that make up your network are discovered, identified, whitelisted, categorized, mapped, scanned, and tagged for vulnerability and configuration issues. All tied back to what matters most, critical Business Imperatives. Discover How Momentum Methodology Mapping the Organization to Reduce the Risk Rapid uptake of the Momentum Methodology (M2) allows your organization to tailor your Cyber Program to your organization. Understand the relationship between Business Imperatives, Business Functions, and all the way down Systems and Endpoints. Discover How Cyber Culture Built In Change the Culture and Change the Game The Program is in place. The Risk is being Reduced. The Vulnerabilities are being eliminated. You’re not finished until you change the culture. Now adopt the most powerful Cyber Awareness training and testing program on the planet. Discover How

ClearArmor – the Operating System for CyberSecurity™

Cyber Security Defined, Implemented, Deployed, Measured, Managed, Audited, & Verified for Your Enterprise
Achieving Compliance with NIST, ENISA, & GDPR

 

At a Lower Controlled Cost & with Fewer Staff Through Automated Software Processes

Timeline

M2 – Momentum Methodology

M2 is the bridge between Technology, Leadership, and Process. M2 provides a standardized method to understand, implement, and work toward continued improvement in CyberSecurity

CMO – Cyber Management Office

CMO – The Cyber Management Office provides the ability to governance and manage the individual efforts your organization must execute to achieve continued improvement in CyberSecurity

CM – Controls Management

CM – Controls Management aligns your organization to the frameworks and regulatory controls they have voluntarily, or are required to follow.

PM – Policy Management

PM – Policy Management provides the ability to document and communicate how policy relates to organizational controls.

AM – Audit Management

AM – Audit Management sets the ownership, governance, schedules, and processes for auditing that the policies and controls in effect.

RM – Risk Management

RM – Risk Management allows the organization to understand and manage the events, triggers, impacts, potential reductions, reduction progress, response plans, and documented testing of those plans.

ITAM – IT Asset Management

ITAM – IT Asset Management allows for the discovery, heterogeneous data source integration, data normalization, white listing, categorization, ownership, lifecycle management, and vendor management related to hardware and software assets.

VAC – Vulnerability and Compliance

VAC – Vulnerability and Compliances provides the mechanisms to identify Software, hardware, and configuration based vulnerabilities through integrations and interfacing to IT Asset Management, IT-Pedia®data, Open Source Vulnerability Scanning, and SCAP Scanning.

CC – Cyber Culture

CC-Cyber Culture leverages included InfoSec Institute CyberAwareness Training to eliminate risk at a key CyberSecurity breach vector, people. CC starts with the rapid, engaging, and short training sessions. CC follows with testing progress using documented scores and Phishing simulation testing across the organization.

DM – Data Mapping

DM – Data Mapping allows the organization to associate key granular data with other data, making collected information more powerful and meaningful to pre-built and custom dashboards and representations.

SOC Implementation: Malware Detected & Removed ● Rogue Accounts Closed ● Smart SEIM ● AI Implemented & Managed

Extended Capabilities: (SOC as a Service2 ● Secure & Compliant Hosting2 ● Threat Detection Gateway2 ● Independent Assessment2 ● Pen Testing2 ● Pre Built Policies & Unified Controls Mapping2

Advanced Methodology: 4 Phases ● 17 Stages ● Organization Wide Collaboration ● Fast Track to Assessment ● Fast Track to Adoption

Cultural Improvement: Cyber Awareness Training ● Phishing Simulation and Testing ● Asset Use

Intelligence: Charts ● Reports ● Dashboards ● Groupings ● Filters ● Data Source Catalogs ● Permissions ● AI Machine Learning1

Risk Response: Plans ● Plan Versioning ● Plan Acceptance ● Sub Plans ● Phases ● Steps ● Responsibilities ● Expected Outcomes ● Test Scheduling ● Test Results

Risk Management: Risk Domains ● Risk Types ● Risk Event Register ● Triggers Association ● Probabilities Association ● Quantification ● Prioritization ● Cost Analysis ● Reduction

Audit Management: Portfolio Management ● Granular Assignment ● Scheduling ● Status / Progress ● Process Definition ● Evidence Collection ● Results Acceptance

Cyber Management Office: Regulatory Frameworks ● Organization Structure ● Profiles ● Controls ● Policies ● Evidence Collection ● Responsibility ● Accountability

Data Mappings: Risk Objectives 2 Systems ● Systems 2 Business Functions ● Systems 2 Landscapes ● Endpoints 2 System Landscapes ● Subnet 2 Location

Technology Dictionary Management: Systems ● System Groups ● Landscapes ● Subnets ● Data Types

Business Dictionary Management: Risk Objectives ● Business Functions ● Country ● State/Province ● Location ● Roles ● Processes

Active Directory Scan: New Accounts ● Domain Admins ● Stale Devices ● Stale Accounts ● Locked Accounts ● Orphaned Objects ● Last Authentication

Data Discovery: Data Files ● File Usage ● Database Managers

Vulnerability Detection: Asset CVE ● Asset CWE ● SCAP Scanning1

Asset Hygiene: Patches Provisioned ● Missing Patches ● Configuration Acceptations

Asset Protection: Asset Base Lines ● Passive File Watch ● Active File Watch / Prevention

Asset Connectivity: Application Dependencies ● System Dependencies1 ● Port Flow Analysis

Asset White Listing: White Listing ● Provisional White Listing ● Black Listing

Asset Lifecycle Discovery: End of Life ● End of Support ● End of Extended Support

Asset Discovery: Hardware Assets ● Software Assets ● Hardware Verification ● Software Verification ● Asset Ownership ● Exhaustive Hardware Configuration Details

EN Topographer It's Not About Tools Momentum Methodology Risk Management The Audit Function

Latest News & Info