Asset and App Inventory

The first step in securing an asset is knowing if it exists. We create a complete inventory of everything connected to your network. This enables a more informed decision when deploying security controls. Our approach helps maintain full visibility so we can adjust to the ever-changing landscape of your business and it's threat vulnerabilities.

Assessment & Enablement

We assess your program starting with the NIST Cybersecurity Framework. Technical controls are evaluated based on your business category and the threat landscape. The resulting report describes the maturity level of your cybersecurity program, with risk-prioritized findings and recommendations for improvement.

Configuration Security Standards​

We harden systems against attack during the build process. That enables security configurations, disables unnecessary features and replicates logging and alerts to a central repository. This approach mitigates risk and conserves operations resources by reducing vulnerability scan findings and manual configuration changes.

Vulnerability & Patch Management

EITS will assess the current state of your Vulnerability Management program, identify and prioritize gaps. The unique aspects of your environment are in scope, including IT, OT, Cloud, IoT, SCADA and ICS. EITS can recommend technology and process solutions, tailor fit for your needs, along with configuration, training and remediation support.

Firewall Health Check

Firewalls are a critical first line of defense. Only authorized traffic can be permitted to flow. We check for granular configurations: source, destination, port, protocol, logging and alerts. A report is provided with recommendations to improve security posture.

Penetration Testing

Vulnerability scans alone are not sufficient to protect high value data. This service leverages adversarial Tactics Techniques and Procedures (TTPs), including suites of security testing tools and manual tests. It makes sense to have an ethical hacker attempt to break in to your environment.

Incident Response

Data breaches can be devastating. We create an Incident Response Plan and conduct an exercise with your team. Coupled with our monitoring and automation, our ability to respond quickly can mitigate potential damage. With 24/7 response availability, you can recover rapidly and get back to business.

Identity & Access Management

Enable the ability to see and control what your users have access to within Active Directory, on premises or in Azure. Enable Single Sign On, Multi-Factor Authentication and Conditional Access to provide ease of use and integrated security for your local and SaaS applications. We reduce complexity and speed implementation for you.

SIEM/MDR

The SIEM is at the heart of a cybersecurity program. We ensure log & event data are received from all systems and monitoring & correlation are properly configured. We also evaluate Security Operations Center processes. The goal is to discover an adversary early on to prevent a security incident from becoming a data breach.

Email/Web Browser Protection

Microsoft Advanced Threat Protection (ATP) provides front-line defense against sophisticated adversaries. ATP is a set of policies within Exchange and SharePoint online that provide in-depth configuration and control over an organization’s data. EITS configures ATP policies to achieve strong e-mail and web browser security.

Data Protection & Recovery

Data breaches occur when unstructured data is stored outside of a control environment. EITS uses industry leading tools to identify internal leaks of sensitive data. That enables root cause analysis and a comprehensive approach to keeping data secure.

Network Segmentation & Inspection​

Our network segmentation service strictly restricts access to systems hosting sensitive data to authorized uses with a need-to-know. Deep packet inspection blocks malware, adversarial activity, non-compliance to protocols, etc.

SOAR: Security Orchestration, Automation, and Response

SOAR (Security Orchestration, Automation and Response) automatically responds and mitigates malicious activity. Modern threats such as ransomware and scripted attacks move at machine speed, quicker than an incident response team. EITS configures SOAR based on adversary Tactics Techniques & Procedures (TTPs) and Indicators of Compromise (IOCs).

Application Security

Adversaries can pass through infrastructure layer controls such as firewalls and access data through web application vulnerabilities. EITS establishes application security programs, complete with risk-based deployment of controls to detect and remediate security code defects within the SDLC. That prevents vulnerabilities from reaching production.