Our Service Offerings
MSI Embraces The NIST Model
While we are comfortable working in a variety of security models and with a myriad of security baselines and compliance frameworks, we believe that the NIST model is the easiest for most security teams to understand. As such, we present our service offerings below, mapped to the NIST framework of Identify, Protect, Detect, Respond and Recover.
Identify
MachineTruth™ Network Inventory, Mapping & Segmentation
Our passive, machine learning process can inventory, map and create optimal segmentation configurations of your network with no hardware or software to deploy.
Risk Assessment, Policy & Compliance
No matter the regulatory or guidance baseline needed, our team can perform rational risk assessments, create & review policies and get your team aligned for compliance.
SilentTiger™ M&A / Supply Chain Due Diligence
MSI has experience in pre-offer prospect analsyis, technology due diligence and post-purchase security validation. Our supply chain security assessments have saved clients years of effort and risk.
Protect
Web/Mobile/API Application Assessment
We've tested hundreds of applications across verticals ranging from critical infrastructure to banking, from voting to healthcare and from e-commerce to gaming systems. Our team offers real-world assessments and acclaimed reporting designed to raise the efficiency of mitigation efforts.
Phishing, Physical Security & Social Engineering Tests
MSI can provide a wealth of different types of phishing and social engineering scenarios for your testing. Our threat intelligence systems continually feed us the newest attack vectors. Our physical security testing methodology stems from our years of work on highly sensitive government sites.
Vulnerability Assessments & Penetration Testing
We use methodology-based approaches originally designed for securing our nations most critical cyber-assets. Our testing results are comprehensive, holistic, defensible and performed in a safe, effective and professional manner. Our engineers offer deep technical knowledge & our analysis is considered to be among the best in the industry.
Office 365, AWS & Cloud Provider Audits
It doesn't matter where your data lives, we understand that you still have to protect it. We can perform configuration audits, assessments and passive threat analysis against any hosting provider, cloud vendor or virtual data center on the planet. If you'd like to get real insights around your security in the cloud, give us a call and we will make it happen.
Detect
Custom Threat & Attacker Intelligence
Leveraging our proprietary TigerTrax™ learning and analytics platform, along with our leading edge intelligence methodologies, our team can work with you to identify threats, profile threat actors, analyze large data sets and deep dive into attack trends and industry risks specific to your situation. We can help make your security efforts proactive.
HoneyPoint™ Security Server
Our patented intrusion detection and deception platform has been used to identify attacks and create custom threat intelligence by clients around the world. More than a honey pot, it's an entire eco-system of detection tools designed to make nuance detection a "deploy and forget" operation. Learn more about HoneyPoint here.
Dark Net & Threat Hunting
Our team of security experts can deep dive into the dark net for you, scouring thousands of hidden sources for potential threats to your firm or your industry. They can also turn their attention to your own network, analyzing logs, events, network traffic and other data sources to pinpoint compromised systems and attackers already inside.
ResponD & RecoveR
Business Email Compromise, Incident Response & CERT Consulting
We know that no matter how hard you try, sometimes, things go wrong. We've worked security incidents dealing with national security, financial fraud, data theft, intellectual property loss and evertything in between. If you need help, the MSI team is there to respond and get you on the path to recovery.
E-Discovery
Our team has expertise in a variety of network forensic, data analytics and e-discovery techniques. We have experts in the legal hold process, imaging, correlation and reporting on staff. The MSI team has handled a variety of civil cases, criminal cases and general litigation. We've worked through illegal data, fraud of various sorts and a myriad of compromise scenarios. We have the experience and expertise that matters.
Tabletop Exercises & Training
Take your incident response, disaster recovery or business continuity program to the next level. Our proprietary professional gaming system creates real world scenarios and plays them through with your team. Clients rave about what they learn in these sessions and the gaps that are identified. Customers love this offering so much, that many do them multiple times per year.
Stolen Data Impact Analysis & Cyber-Crime Economics Consulting
Even when the unthinkable has happened, MSI is by your side. Our team can perform analysis on stolen data and identify the potential markets and underground values. We can use the Stolen Data Impact Model to assess and plan for competitve market exposures and risks. In some cases, our team may even be able to reduce the value of the stolen data after the fact.