LIFARS provides tactical and strategic advice used by clients to increase their organizational security maturity level. This counsel is provided after evaluating a client’s:
- Endpoint Security (protection, detection and response mechanisms recommended for securing enterprise systems, servers and user stations);
- Enterprise Security (hardening of policies and enterprise-wide services);
- Security Architecture (recommendations to increase security maturity level);
- Network Security (recommendations to increase the security level of network systems, devices and connections);
- Security Operations (recommendations for daily cybersecurity management);
- IR Program (preparedness and readiness recommendations to address future cybersecurity incidents);
- Corporate Security Awareness (raising the awareness of potential security issues and vulnerabilities, including through regular penetration tests and threat hunting).
The general first step in most engagements involves understanding the current security level of network systems, devices and connections. For example, LIFARS may conduct a comprehensive architecture gap analysis and review assessment. LIFARS can also conduct internal and external penetration testing as well as simulated cyber attacks and internal phishing testing.
Clients will learn from the pen test and technical security audit results and adapt their configurations accordingly. LIFARS also helps clients create a cyber security roadmap that encompasses related cyber maturity and resiliency frameworks, and advises on creating clear and enforceable cyber policies and guidelines across the enterprise. During this process, clients harden and reinforce their enterprise system security, including network devices, Active Directory, and security devices, and evaluate a network asset management discovery and mapping solution. LIFARS also enhances a client’s best practices by deploying offensive and defensive red and blue teams to test breach scenarios.
Examples of related services include perimeter device audits and reviews of related policies and blocking/prevention rules, testing of IPS/IDS systems for perimeter and internal traffic, implementation of two-factor authentication for production and development systems, and the implementation of network security monitoring solutions. Should a compromise impact a client, LIFARS can quickly move in with a staff that includes several of the best malware engineers on the planet to provide specialized malware analysis (including reverse engineering) for APTs, nation-state attacks, FIN6, memory implants, ransomware, and other crimeware.