Consulting

IANS Consulting Services provide clients with guidance and know-how aimed at improving security posture and reducing business risk through assessments, testing scenarios, and technical training. Consulting engagements are managed and scoped by the IANS team and delivered by IANS Faculty, so your internal teams stay focused on their day-to-day. Faculty are industry-recognized cybersecurity experts and information security practitioners, many of whom have attained top-level government agency security clearance. We work with you to shape engagements at a fixed cost and match them with the right IANS Faculty experts to help you save time, stay focused, and stay compliant.  

Aaron Turner, IANS Faculty

The IANS Difference

Security Focus
IANS provides a sole focus on improving security, risk, and compliance programs. IANS helps clients make trusted and vetted security decisions with access to over 60 Faculty members who are industry-recognized information security experts.
Project Management
Keep internal teams focused with IANS project management and engagement delivery by IANS Faculty.
Industry Experts
All projects are staffed by expert practitioners with deep, hands-on domain and technical experience.
Actionable Guidance
Gain actionable and practical guidance that is designed to communicate issues clearly to executives, and to reduce risk.
Fast Start
For IANS Decision Support clients, a streamlined procurement process and program management ensures a fast start and is supplemented with research content. You work with a team you know and trust.

Consulting Service Offerings

Penetration Testing

Learn More

Cloud Security Maturity

Learn More

Active Defense

Learn More

Security Assessments

Learn More

Training & Keynotes

Learn More

Penetration Testing

Aligned with the Penetration Testing Execution Standard (PTES), we perform in-depth assessments of internal and external networks, web and mobile applications to identify programming errors, configuration weaknesses, or faulty assumptions about user behavior. Both manual inspection and automated scanning tools are used to identify vulnerabilities. We can test:

  • Web Applications
  • Internal, External, and Wireless Network
  • Mobile Applications

Learn More
penetration testing hero image
 

Cloud Security Maturity


Developed in partnership with Securosis, the Cloud Security Maturity Model (CSMM) is a set of guidelines, not all of which will work for every organization.

Organizations should use the model as a starting point and a means to make decisions about how much investment in each category makes sense in their environments.

The associated diagnostic is designed to quickly determine your place on the maturity model. IANS Faculty use the results to help pinpoint issues in your cloud security program and identify areas for improvement. 

Learn More
 
 

Active Defense

Test controls while improving detection and response with simulated attacker, purple team, and threat hunting engagements.

  • Attack Simulation: Starting with access to your internal network, testers follow the tactics, techniques, and procedures of modern attackers to escalate privileges, move laterally within your environment, and gain access to sensitive client data.
  • Purple Teaming: Working transparently and collaboratively with your defensive team, our testers carry out a multitude of attacks with the goal of showing how modern tools and techniques are used. This is combined with tuning and detection capabilities to ensure attackers aren’t able to work undetected.
  • Threat Hunting: We analyze patterns of activity within your environment to identify behavior that may indicate a compromise – or a quiet but active attacker on the network. We either bring proprietary tools or use what clients already have.

 

 
 

Security Assessments

Understand what’s working well and what needs attention with a comprehensive review of technical controls in place, governance, and process along with a roadmap of action.

  • Security Program: Maintaining security program effectiveness over time requires that it be tuned to reflect changes, not only in technologies, but in business processes and people. A security program assessment project typically runs 6-8 weeks, and its output can be mapped to common frameworks such as NIST, ISO, COBIT, and HighTrust.
  • Cloud Environment: This assessment captures the wide variety of cloud initiatives and differing levels of maturity among business units and third parties to provide a unified view of the target organization’s current state of cloud security. This view includes what’s working well, what needs to be fortified, and detailed recommendations for maturing the cloud security posture.

 
 
 

Training & Keynotes

Increase skills and understanding through tailored, hands-on training of your IT and security staff.

  • Training: Small, focused working groups that drive both common understanding and objectives are invaluable as security organizations work with IT and business peers. We also conduct a number of technical security trainings tailored to application developers or IT operations audiences.
  • Keynotes: Build understanding and awareness through keynote speeches.

 

 
 

Our Faculty

This group of over 100 hands-on practitioners understands the key issues you face and delivers actionable recommendations, research, and step-by-step guidance on achieving fast and successful results.

 
 
 

Want to know more? Let us know how we can help you.

 

* Required Fields