damaging cyberattacks and the potential for full spectrum security threats to Public and private sectors has been increasing exponentially for years. The result? accelerated efforts by federal and state authorities to push Organizations to close gaping holes in their defenses. Is your organization ready?

Maybe it is time to find a safe haven.

Our Mission

haven: a shelter serving as a place of safety or sanctuary; refuge

Safe Haven Strategic is a company that specializes in providing strategic and information security services to organizations of all sizes and verticals. We adhere to sound security principles drawn from multiple industry-accepted resources such as ISO standards and NIST guidance.  In addition, we are completely vendor agnostic, so our services are rendered without putting any pressure on you to adopt a particular technology.

Information Security is our passion and we are equipped with extensive experience in a wide variety of security disciplines.  These include attack and penetration, cryptography, and secure application development.

Our range of talent has been forged from a variety of industry verticals: Small business, financial sector, global enterprises, government, and manufacturing. We have the understanding to relate with your needs and the experience to customize a solution that uniquely fits.

core cyber service offerings

Please take a moment to review the following information as it describes our core cyber service offerings. If you have a requirement that is not listed, please contact us and we will work to tailor a solution that meets your requirements. Request our offerings in the physical security or strategic security consulting services if you require a more full spectrum offering inclusive of those areas of our expertise.

We appreciate your consideration and hope to provide you and your organization a safe place to turn – a Safe Haven.

Security Best Practice Assessment (SBPA)

Security is comprised of much more than just technology.  Mission clarity, qualified personnel, sound procedures and management support are all necessary components to an effective security program.

During the SBPA, we will assess the security of your organization taking into account your threats, mission, staffing, critical assets and controls.  Your company’s practices and procedures will be evaluated from a defense-in-depth perspective ensuring that important security services and technologies are deployed to meet recommended practices.

Upon completion of the assessment, reports will be delivered highlighting areas requiring your attention.  Unlike many firms, Safe Haven will not provide a large, unwieldy list of vague security findings for you to sort through.  Instead we will provide recommendations on what your next steps should be, taking into account factors such as risk and cost.  This prioritized list will help you understand what risks are most urgent and allow you to utilize your resources and budget toward issues that have the most immediate and significant impacts to your organization’s security risk posture.

Benefits of a SBPA:

• Understand strengths and weaknesses in your security program
• Help develop tactical and strategic security plans to progress your program to desired maturity levels
• Increase stakeholder and partner confidence
• Help ensure regulatory compliance
• Provide proof of third-party, independent security testing

Defensive Security Posture Analysis (DSPA)

During the analysis of your architecture, we will evaluate your enterprise IT landscape, technologies and security posture within your network.  Factors such as routing protocol usage, encryption technologies, firewall placement, network segmentation, IDS/IPS configuration, and other technology implementations will be taken into consideration.

Using the results of our analysis, we will identify security design considerations, configuration and hardening improvements, and implementation techniques for controls critical to the protection of your networks and data.  The results of this analysis will facilitate a better understanding of your overall security posture within the technology environment and further assist you in determining security strategies.

Benefit of a defensive security posture review:

• Ensure your technology infrastructure can provide necessary security architecture to support the business mission and services
• Ensure your enterprise has the necessary controls in place to mitigate risks to the organization
• Ensure technologies are deployed in a manner that is efficient and effective
• Ensure key security strategies are employed to support a defense-in-depth posture
• Reduction in likelihood and impact of security events
• Harden systems against Advanced Persistent Threats and State Actors
• Understand security strengths and weaknesses in your technology architecture
• Provide input necessary for the development of both tactical and strategic security plans
• Increase user, customer, stakeholder and partner confidence

Network and Application Penetration Testing (PenTest)

 An unprecedented number of threats exist against our networks and applications including hackers, state-sponsored infiltration, hacking for profit and malicious insiders. These threats continually probe our cyber defenses, exploit our vulnerabilities, exfiltrate our digital assets and install and maintain hidden points of entry into our networks and systems.

A penetration test is a proactive and authorized process of evaluating security of an IT infrastructure and/or application(s). Safe Haven will attempt to safely exploit system vulnerabilities, operating systems, services and flaws within the application, poor configurations, and other points of vulnerability within the IT System. We can also leverage social engineering attacks in combination with PenTest to both gain access to systems and data that otherwise may not be available, and test an organization’s personnel and their adherence to policy and sound security practices. 

Safe Haven leverages both automated and manual technical tests in attempts to find weaknesses in the system. A variety of testing methods can be facilitated including black hat testing (no prior knowledge of the organization’s infrastructure; simulates a state sponsor or other external threat), white hat testing (full knowledge of the IT environment) or gray hat testing (simulates an insider threat). 

Upon completion of a PenTest, Safe Haven will deliver a report detailing our findings. This report will include an Executive overview as well as information detailing the flaws that were found, the vulnerabilities that were exploited and prioritized remediation recommendations.

Benefits of a PenTest include:

• Understand your infrastructure and application’s ability to withstand a legitimate hacking attempt
• Validate current controls are functioning properly
• Identify vulnerabilities and business risk
• Increase user, customer, stakeholder and partner confidence
• Meet compliance requirements

Wireless Testing (WT)

 Wireless networks can be extremely beneficial to an organization, but also present an access point for intruders to sneak through.  Safe Haven’s wireless testing service is designed to identify issues that may be lurking in your wireless deployments.  By finding weaknesses in your wireless network, we will help your organization to reduce the risk landscape via implementation of sound configurations and controls.  Additionally, we will test for rogue access points to be sure back doors do not exist into your network. 

Benefit of wireless testing:

• Ensure wireless systems are configured properly to reduce risk from improper configurations, rogue access points and flawed processes
• Understand if wireless networks are presenting unacceptable risk to the organization
•  Locate unauthorized wireless access points
•  Highlight areas of improvement based on industry best practices
•  Detect unauthorized access through your wireless connections

Social Engineering (SocEng)

 Social engineering is a great way to measure the effectiveness of the “human” aspect of your security program.  Why is this important?  People are often the first line of defense for warding off would-be hacking attempts and other common security threats.  For example, email viruses, phishing, online scams and password theft are all methods of attacks against people that are very successful.

We employ several methods to test your company’s resilience to such threats.  The results will provide information as to how well your organization’s policies are communicated and complied with. 

Benefit of Social Engineering:

• Provide measurement of policy effectiveness
• Understand the effectiveness of your user awareness and training programs by gauging employee reactions to simulated real-world events
• Gauge reaction and response of your security response team
• Highlight areas of improvement to policy, training programs, etc.

Physical Assessment (PA)

 During our physical assessment, we will take a look at how your organization is protecting its vital computer and network systems.  We also ensure that sound practices are in place to mitigate common risks, such as dumpster diving or the old-fashioned break-in.  We also have the expertise to conduct a physical penetration test to determine the efficacy of your organization’s physical security controls. 

Benefits of Physical Assessment:

• Ensure key assets are properly protected by critical physical controls
• Ensure physical perimeter is not easily compromised
• Comply with industry-leading standards

Other Related Services

• Open Source Intelligence (OSINT) 

• Strategic Threat-Scape Trend Analysis

• Solution Architecture And Engineering

• Solution Architecture Engineering And Deployment

• Risk Mitigation Strategic Planning and Deployment

• 24/7 Continuous Monitoring

• Asymmetrical Security Testing OPS and Threat Gamification 

• Incident Response Preparedness and Training

• tactical Incident Response security Teams (TIRST)  

• Physical Security Services

  • Strategic and Tactical Defense Consulting
  • Organizational Security Services and Emergency Response
  • Real-word experience and expertise
  • Assist high-level leadership with Strategic military consulting
  • Organizing and Training Special Operations and Counter-Terrorism Forces around the world
  • Physical security and risk assessments including embassies around the world
  • Operational Procedure and Contingency planning development
  • Expert in tactical employment of technology and weapon systems on the battlefield
  • Unconventional Warfare and Counterinsurgency expertise
  • Emergency airfield operations