SECURITY
Overview
Cyber protection is a core element of the digital age. Organizations of every size, and in every industry must incorporate cybersecurity strategies, policies and processes within their daily business activities. Moving to this new “always-on” protective mind-set is a shift and requires a new way of operating. PEAK can help you understand the cyber realm and incorporate the resources you need to protect your people, data and systems while ensuring pro-active compliance and continuous risk management.
Go Beyond With PEAK
highlighted services & solutions, only from PEAK
CYBER STRATEGY
A consultative offering to guide, assist and ensure delivery of a comprehensive cybersecurity program (Strategy, KPIs, Policies, Procedures, Solutions).
POSTURE ASSESSMENT
This service measures your cyber readiness against a wide range of threat vectors and provides a detailed report with specific recommendations for remediation.
WHITE HAT SIMULATION
A fully customized service where our White Hat cyber team simulates an attack on your systems, infrastructure and applications.
PEAK Solutions
PEAK CyberTeam
The CyberTeam is a fully customized PEAK service where we provide an experienced team of cyber security professionals to fill in the gaps of your Security business unit or deliver a complete Cybersecurity Team. PEAK CyberTeam includes a full range of security experts, including: CISO, Security Analysts, Security Architects, Security Engineers and Compliance professionals. CyberTeam guides, assists and manages program and policy development, governance, compliance, investigations, monitoring, maintenance and more.
PEAK CyberStrategy
CyberStrategy is a fully customized PEAK service where our team of security consultants and experts guide, assist and ensure delivery of a comprehensive cybersecurity program. Your cybersecurity program may include: Strategic Planning, KPI Design, Policy Creation, Solution Architecture & Design, Vulnerability Management, Patch Management, Risk Management, Incident Response, Awareness Training, Threat Intelligence, Operations, Remediation and more.
PEAK CyberPosture
PEAK Resources provides a diverse set of assessment services that measures your cybersecurity readiness against a wide range of threat vectors. A comprehensive report is generated that identifies and documents the “over-under” in your security capabilities and compares your current security readiness to peer organizations in your vertically aligned industry. This service helps identify or validate security processes, policies and solutions needed to improve your organization’s security posture as well as help build a security solution roadmap for continued risk mitigation and management.
PEAK CyberProbe
CyberProbe is a fully customized PEAK service where our White Hat cyber team simulates an attack on your systems, infrastructure and applications. This comprehensive service is designed to identify and document unmitigated weaknesses while also testing OS platforms and applications with the goal of defining potential impact and providing mitigation recommendations. Additionally, with CyberProbe, we provide comprehensive attacker simulation, wireless / firewall evaluation services, password cracking and policy examinations.
PEAK CyberForensics
CyberForensics is a fully customized PEAK service where our team of cyber forensic specialists and forensic scientists utilize best-in-class tools, best practices and years of experience to assist your organization in your time of need. With CyberForensics, our team will assist your organization in all phases of the forensic process to ensure your business is protected and secure. Typically, we engage in a structured approach: Phase I – Collections, Phase II – Analysis and Phase III – Investigation and Expert Testimony & Reporting.
Keeping up with a changing security landscape
PEAK’s Director of Security, Matt Manes, discusses the current security challenges his customers face on a daily basis. PEAK can help you understand the cyber realm and incorporate the resources you need to protect your people, data and systems while ensuring pro-active compliance and continuous risk management.
Professional Services
Project Management
PEAK will provide a single point of contact throughout the entire project. The Project Manager will work with your project team to coordinate and schedule resources, validate work completion and provide status updates.
Solution Architecture
PEAK has over 20 combined years of direct solutions experience with Converged Infrastructures ranging from SAP based solutions through International multi-pod private cloud implementations. Solution Architects will work with your team to provide a clear, concise implementation plan that will finish in weeks, not months.
Integration
PEAK will receive and assemble the entire structure in its custom integration lab in Denver. All components will be racked, cabled, upgraded to the required firmware levels, configured, and fully tested. This will verify all hardware is fully functional and minimal data center floor time will be required. We will also customize the implementation to meet your data center specifications as well as asset tagging and inventory processes.
Implementation
PEAK will provide engineers to complete onsite implementation within the data center, working closely with your staff to integrate the Rack, Power and Network interfacing to meet project requirements and follow all established policies. Once complete, the entire implementation is documented with all configurations, addressing and best practice information.
Technologies
APPLICATION SECURITY
DATABASE SECURITY
Database security is the protection of data, database applications, systems, servers and network links from compromise. Common types of security protocols include: access control, auditing, authentication, encryption, backups, application security and more.
NEXT GENERATION FIREWALL (NGFW)
A firewall is a device or set of devices (hardware, software, or both) within a computer system or network, which is configured to block unauthorized access while protecting authorized communication. Next Generation Firewalls are able to detect and block sophisticated attacks by enforcing security policies at the application level, as well as at the port and protocol level. NGFWs also protect against viruses and malware.
THREAT INTELLIGENCE
Threat Intelligence is the process of monitoring, discovering and researching internal and external threats to an organization. The better the threat intelligence, the more effective the defense and remediation protocols can be.
CLIENT / END-POINT SECURITY
Antivirus, Antimalware – Endpoint protection software purpose is to prevent, detect, and remove malicious software (malware). Malware can include computer viruses, worms, adware, spyware, stealware, and trojan horses.
INTRUSION DETECTION / INTRUSION PREVENTION (IDS/IPS)
This is a tool used to detect attempted attacks or intrusions by crackers or automated attack tools, by identifying security breaches such as incoming shellcode, viruses, malware or trojan horses transmitted via computer system or network. Intrusion Prevention Systems (IPS) actively blocks the same attacks and intrusion attempts based on a user-defined policy.
SECURITY INFORMATION & EVENT MANAGEMENT (SIEM)
SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. SIEM is sold as software, appliances or managed services, and are also used to log security data and generate reports for compliance purposes. SIEM is closely related to Log Management. However, as log management focuses on the collection and storage of data, SIEM focuses on a deeper level of data and event analysis. Such analysis may include attaching information such as host information and identity information. SIEM’s can also be integrated with external remediation, workflow, and ticketing components to assist in incident resolution..
USER BEHAViOUR ANALYTICS
Infrastructure Virtualization is the basis for the transformation of the data center into a service-oriented infrastructure and a key enabler for automation and lights-out operations. By virtualizing data center infrastructure and decoupling applications and data from the physical resources they run on, IT can deliver and maintain data center services more efficiently, resiliently, and dynamically.
CONTENT FILTERING – WEB AND EMAIL
These are software programs that screen incoming emails or web pages and determine if they should be delivered to the end user. Web and Email are the most common sources of security breaches, so proper filtering and protection measures are essential for enterprise security.
MOBILE DEVICE MANAGEMENT
With the growth of smart devices, comes an influx of new penetration windows into private networks. Mobile device management is a way of allaying some of these vulnerabilities by monitoring, managing and securing which devices can have access to network resources.
SECURE NETWORK ACCESS CONTROL
An approach to network and endpoint security that attempts to unify endpoint security technology, user or system authentication, and network security enforcement. As a device connects to a network, it is extensively screened for profile information such as anti-virus software, protection level, system update level, as well as device health and access credentials. The device is not permitted access to corporate resources until it complies with pre-determined standards and pre-defined policies. Once the device meets the defined standards it is granted access to the network. With profiling and posturing policies, devices and users only have access to data and applications they have rights to.
And So Much More…
This section highlights just a few of the technologies we work with. We would love to talk with you about your business requirements and help you understand the right technologies for your environment. Additionally, we are constantly keeping our finger on the pulse of new and upcoming technologies. We strive to design and implement the perfect solutions for each one of our customers.
