StraitSys has developed a systematic approach to improving and hardening any asset, enclave or enterprise. Using industry best practices, the team focuses on increasing maturity in each of the Cyber Domains below:
Governance – We maintain audits, policies, compliance and procedures.
Risk Assessments – We perform Penetration Tests that include Social Engineering, Infrastructure identification, Whitelisting reviews, and Data Recovery recommendations.
Secure Engineering – We develop and integrate Application, Cryptography, Network or Cloud Security, Enhanced Data Protections, and Access/Identity Controls.
Standards – We work with external governance boards (government or government-funded) to define future best practices and make recommendations on impacts of implementation (NIST, DICAP, PCI, HIPAA, etc.).
Security Operations – We perform daily monitoring, detection, protection, incident response, vulnerability management and prevention.
Training – We review and recommend appropriate training, conferences, certifications and general awareness for security improvements to the entire employee base.
Threat – We work closely with internal (SOC/Insider Threat) and external (Threat Intelligence) to better understand potential adversaries and contextualize all source threat data. This function develops indicators of compromise (IOC’s) and is also a part of rigid information sharing exchanges throughout the public and private sectors.