Skip to content
STETSON CyberGroup Logo
  • About Stetson
  • Services
  • Threat Feed
  • Video Blog
  • Contact Us
  • Breached?
Video Blogntria2021-10-07T12:43:14-04:00

Video Blog

Test the effectiveness and resiliency of enterprise assets through identifying and exploiting weaknesses in controls (people, processes, and technology), and simulating the objectives and actions of an attacker.
(CIS 18 VIDEO SERIES) CIS 18 - Penetration Testing
YouTube Video UClzSB3EjZ6TLzf8HHQAiSoQ_BfD3ldGqQu0
Establish a program to develop and maintain an incident response capability (e.g., policies, plans, procedures, defined roles, training, and communications) to prepare, detect, and quickly respond to an attack.
(CIS 18 VIDEO SERIES) CIS 17 - Incident Response and Management
YouTube Video UClzSB3EjZ6TLzf8HHQAiSoQ_rwKqNy73vAc
Manage the security life cycle of in-house developed, hosted, or acquired software to prevent, detect, and remediate security weaknesses before they can impact the enterprise.
(CIS 18 VIDEO SERIES) CIS 16 - Application Software Security
YouTube Video UClzSB3EjZ6TLzf8HHQAiSoQ_hZXiiTjsMp0
Develop a process to evaluate service providers who hold sensitive data, or are responsible for an enterprise’s critical IT platforms or processes, to ensure these providers are protecting those platforms and data appropriately.
(CIS 18 VIDEO SERIES) CIS 15 - Service Provider Management
YouTube Video UClzSB3EjZ6TLzf8HHQAiSoQ__9oze2RqLxA
Establish and maintain a security awareness program to influence behavior among the workforce to be security conscious and properly skilled to reduce cybersecurity risks to the enterprise.
(CIS 18 VIDEO SERIES) CIS 14 Security Awareness and Skills Training
YouTube Video UClzSB3EjZ6TLzf8HHQAiSoQ_xWjER-arPj8
Operate processes and tooling to establish and maintain comprehensive network monitoring and defense against security threats across the enterprise’s network infrastructure and user base.
(CIS 18 VIDEO SERIES) CIS 13 - NETWORK MONITORING AND DEFENSE
YouTube Video UClzSB3EjZ6TLzf8HHQAiSoQ_iCye6HHV4yk
Establish, implement, and actively manage (track, report, correct) network devices, in order to prevent attackers from exploiting vulnerable network services and access points.
(CIS 18 VIDEO SERIES) CIS 12: NETWORK INFRASTRUCTURE MANAGEMENT
YouTube Video UClzSB3EjZ6TLzf8HHQAiSoQ_EW_ua8PLkSo
Control 11: Data Recovery 
Overview: Establish and maintain data recovery practices sufficient to restore in-scope enterprise assets to a pre-incident and trusted state.
(CIS 18 VIDEO SERIES) CIS #11 - DATA RECOVERY
YouTube Video UClzSB3EjZ6TLzf8HHQAiSoQ_2EvniFPG_eo
CIS #10 - MALWARE DEFENSES
Prevent or control the installation, spread, and execution of malicious applications, code, or scripts on enterprise assets.
(CIS 18 VIDEO SERIES) CIS #10 - MALWARE DEFENSES
YouTube Video UClzSB3EjZ6TLzf8HHQAiSoQ_jYM1509G20Q
CIS Critical Security Control 9: Email and Web Browser Protections

 Improve protections and detections of threats from email and web vectors, as these are opportunities for attackers to manipulate human behavior through direct engagement.
(CIS 18 Video Series) CIS #9 Email and Web Browser Protections
YouTube Video UClzSB3EjZ6TLzf8HHQAiSoQ_D_ru5HNB-44
Load More... Subscribe
Long Island

360 Motor Parkway, Ste 650
Hauppauge, NY 11788

631.417.3500
1.833.HACK.100

PRIVACY POLICY | SUPPORT
©     |   SITE DESIGN BY JP WEBS   |   ALL RIGHTS RESERVED  
This website uses cookies to ensure you get the best experience. By continuing you consent to our use of cookies.OKPrivacy policy
Risk Assessment

Risk Assessment – Identify, assess, and prioritize risks to your company – To effectively manage risk, it is critical to identify all assets and data in your company. You cannot protect what you don’t know you have. From outdated operating systems to being in a high flooding area, a risk assessment will identify, assess, and prioritize the risk affecting most critical functions of your company.

Gap Analysis

Gap Analysis – See what’s missing – After a risk assessment you will know your critical infrastructure and each associated risk. A Gap Analysis will identify whether there are adequate controls implemented to address the risks and determine whether they stack up to regulations and common standards. Performing a Gap Analysis on your organization lets you know where you stand, identifies areas requiring improvement to the overall security posture of your organization, and what controls are missing.

IT Audit

IT Audit – Test your controls – After a Gap Analysis, you will know what controls to put in place. Once those controls are implemented, are they consistently being followed? Does each employee know the policies and procedures put in place? An IT Audit will test the controls and make sure they are effectively protecting the organization.

Pen-Testing

Pen-Testing – Test your infrastructure – After the IT Audit provides the assessment of whether your policies and procedures are enforced and effective, you should perform penetration testing to determine how well the technology works. A Pen-Test will test for weaknesses and vulnerabilities in your network and throughout the organization. From testing social engineering to physical access, a Pen-Test will bring all weaknesses out of the shadows.

Incident Response

Incident Response – When nightmares come true – Audits and Pen-testing help keep the bad guys at bay and make you a harder target to infiltrate. However, even after all the tests and audits, the bad guys might still find a way in. Sometimes the fears come true, whether it is a Zero-Day attack, or an employee that just clicked the wrong thing in a Phishing email, Incident Response is critical to contain and remediate any breach.

Digital Forensics

Digital Forensics – Get to the truth – After a breach can be a scary time but being attacked again is even scarier. Find out how the event happened and how to prevent it from happening again. Was it an inside job? Was it a Nation-State-Actor? What did they take? How did they take it? How long did they have access to my systems? Digital Forensics can answer all these questions and help with any legal issues that may arise as a result of a breach. Digital Forensics can make or break a case!

Protect

  • Audit
  • Risk Assessments
  • CMMC Certification

Defend

  • Pen Testing
  • Vulnerability Scanning
  • Incident Response Tabletop Exercises

Respond

  • Digital Forensics
  • Incident Response
  • Expert Witness
  • Litigation Support
  • Local and Federal Law Enforcement