haven: a shelter serving as a place of safety or sanctuary; refuge
Safe Haven Strategic is a company that specializes in providing strategic and information security services to organizations of all sizes and verticals. We adhere to sound security principles drawn from multiple industry-accepted resources such as ISO standards and NIST guidance. In addition, we are completely vendor agnostic, so our services are rendered without putting any pressure on you to adopt a particular technology.
Information Security is our passion and we are equipped with extensive experience in a wide variety of security disciplines. These include attack and penetration, cryptography, and secure application development.
Our range of talent has been forged from a variety of industry verticals: Small business, financial sector, global enterprises, government, and manufacturing. We have the understanding to relate with your needs and the experience to customize a solution that uniquely fits.
Please take a moment to review the following information as it describes our core cyber service offerings. If you have a requirement that is not listed, please contact us and we will work to tailor a solution that meets your requirements. Request our offerings in the physical security or strategic security consulting services if you require a more full spectrum offering inclusive of those areas of our expertise.
We appreciate your consideration and hope to provide you and your organization a safe place to turn – a Safe Haven.
Security is comprised of much more than just technology. Mission clarity, qualified personnel, sound procedures and management support are all necessary components to an effective security program.
During the SBPA, we will assess the security of your organization taking into account your threats, mission, staffing, critical assets and controls. Your company’s practices and procedures will be evaluated from a defense-in-depth perspective ensuring that important security services and technologies are deployed to meet recommended practices.
Upon completion of the assessment, reports will be delivered highlighting areas requiring your attention. Unlike many firms, Safe Haven will not provide a large, unwieldy list of vague security findings for you to sort through. Instead we will provide recommendations on what your next steps should be, taking into account factors such as risk and cost. This prioritized list will help you understand what risks are most urgent and allow you to utilize your resources and budget toward issues that have the most immediate and significant impacts to your organization’s security risk posture.
Benefits of a SBPA:
During the analysis of your architecture, we will evaluate your enterprise IT landscape, technologies and security posture within your network. Factors such as routing protocol usage, encryption technologies, firewall placement, network segmentation, IDS/IPS configuration, and other technology implementations will be taken into consideration.
Using the results of our analysis, we will identify security design considerations, configuration and hardening improvements, and implementation techniques for controls critical to the protection of your networks and data. The results of this analysis will facilitate a better understanding of your overall security posture within the technology environment and further assist you in determining security strategies.
Benefit of a defensive security posture review:
An unprecedented number of threats exist against our networks and applications including hackers, state-sponsored infiltration, hacking for profit and malicious insiders. These threats continually probe our cyber defenses, exploit our vulnerabilities, exfiltrate our digital assets and install and maintain hidden points of entry into our networks and systems.
A penetration test is a proactive and authorized process of evaluating security of an IT infrastructure and/or application(s). Safe Haven will attempt to safely exploit system vulnerabilities, operating systems, services and flaws within the application, poor configurations, and other points of vulnerability within the IT System. We can also leverage social engineering attacks in combination with PenTest to both gain access to systems and data that otherwise may not be available, and test an organization’s personnel and their adherence to policy and sound security practices.
Safe Haven leverages both automated and manual technical tests in attempts to find weaknesses in the system. A variety of testing methods can be facilitated including black hat testing (no prior knowledge of the organization’s infrastructure; simulates a state sponsor or other external threat), white hat testing (full knowledge of the IT environment) or gray hat testing (simulates an insider threat).
Upon completion of a PenTest, Safe Haven will deliver a report detailing our findings. This report will include an Executive overview as well as information detailing the flaws that were found, the vulnerabilities that were exploited and prioritized remediation recommendations.
Benefits of a PenTest include:
Wireless networks can be extremely beneficial to an organization, but also present an access point for intruders to sneak through. Safe Haven’s wireless testing service is designed to identify issues that may be lurking in your wireless deployments. By finding weaknesses in your wireless network, we will help your organization to reduce the risk landscape via implementation of sound configurations and controls. Additionally, we will test for rogue access points to be sure back doors do not exist into your network.
Benefit of wireless testing:
Social engineering is a great way to measure the effectiveness of the “human” aspect of your security program. Why is this important? People are often the first line of defense for warding off would-be hacking attempts and other common security threats. For example, email viruses, phishing, online scams and password theft are all methods of attacks against people that are very successful.
We employ several methods to test your company’s resilience to such threats. The results will provide information as to how well your organization’s policies are communicated and complied with.
Benefit of Social Engineering:
During our physical assessment, we will take a look at how your organization is protecting its vital computer and network systems. We also ensure that sound practices are in place to mitigate common risks, such as dumpster diving or the old-fashioned break-in. We also have the expertise to conduct a physical penetration test to determine the efficacy of your organization’s physical security controls.
Benefits of Physical Assessment: