About Us | Contact Us
View Cart

Services


A Balanced, Empathetic Approach:  Being a Managed Security Service Provider means we too are audited, and being an Audit Firm helps us design our SIEM in a compliant manner!


Monitor Your Network

infotex will monitor your network 24x7x365, with real human beings watching everything that happens, looking for anything potentially negative, filtering out the noise, and finding reportable incidents. infotex will then respond in real-time to critical incidents per your customized “decision tree,” to a customized calling tree. A web interface is available so you can see exactly what our Data Security Analysts see.

We’re on Your Team

A big difference between purchasing an application and engaging with infotex: we join your team. Imagine hiring a team of cybersecurity professionals with certifications from ISACA, ISC2, and others, to establish a SIEM process designed by IT auditors. We work to get to know your unique system –your network AND your people – and we bring a balanced approach to help you fight the noise and respond to incidents.

A Good Night’s Sleep

We’ve studied why people contract with Managed Security Service Providers, and beyond all the rhetoric that we find on well-crafted marketing sites, we’ve reduced it all down to one thing: You want somebody to watch your back, to be there when you can’t. You want a good night’s sleep!

Our SIEM

infotex started offering network monitoring solutions in 2000 and began developing our SIEM in 2003. Founders of bleedingsnort.com, we now receive threat intelligence from many sources including emergingthreats.net. Utilizing big data, machine learning, and artificial intelligence technologies, we utilize a group of preventive and detective controls, watching alerts from IPS, IDS, ELM, CD, and our SIEM, to ensure an effective, appropriate and risk-based approach to monitoring your network.

Preventive Control: IPS

infotex uses an Intrusion Prevention Service that automatically responds to predictable attacks and poor reputation IP addresses within milliseconds. This service utilizes world class behavior anomaly signatures from Emerging Threats to enhance network perimeter security.

Detective Control: IDS

You can automate some of the processes in information security, but without Human Beings monitoring these processes, and performing threat hunting, the result is a false sense of security. If something out of the ordinary happens, our Data Security Analysts are here 24/7/365 to investigate and respond to the threat. For detection, we use thousands of signatures as well as protocol and anomaly analysis. infotex also adds customized signatures to detect the issues and activities that you are most concerned about, as well as known and unknown (zero day) threats.

Detective Control: ELM

Millions of event logs are generated each day by your servers, network devices, and various applications. Our Event Log Management solution not only helps you filter out the noise, but the interface includes everything you need to show your auditors that you are reviewing your logs. Health reporting, acknowledgement systems, customized dashboards, and real time monitoring all work together to ensure you are compliant!

Detective Control: Forensic Capabilities

Another advantage to outsourcing the network monitoring controls to a third party is that, as a third party, we are in a much better position to capture evidence in the event you need it. Our ELM system is already configured to store data forensically, but we can also be called out on site to gather evidence… on a 24×7 basis

Detective Control: Change Detection

When somebody on your staff opens a port for a vendor, have we remembered to close it? We scan of your public IP addresses on a monthly basis and report the ports that have changed since the last scan. Not only is this a great security tool, but it is an excellent change management tool as well. And, it is now required by the Cybersecurity Assessment Tool.

Tying It All Together with SIEM

Our approach makes sure that we are correlating event logs with network traffic. Our database has evolved since the turn of the century to not only queue up data but give us the ability to pivot on that data based on unique circumstances. Not only do we queue up potential correlations, but our staff is trained to look for those patterns between network traffic alerts and event logs. The result is a much more robust approach to monitoring your network, and the security advantages to that are excellent!

 

Customization

Having made the decision to “outsource” or to “get more professional help,” the next decision you need to make is this: Are you willing to hand over the important monitoring function to a cookie-cutter approach? We customize everything to your specific, unique needs.

Who Watches The Watcher?

A big difference between purchasing an application and engaging with infotex: we join your team. Imagine hiring a team of cybersecurity professionals with certifications from ISACA, ISC2, and others, to establish a SIEM process designed by IT auditors. We work to get to know your unique system –your network AND your people – and we bring a balanced approach to help you fight the noise and respond to incidents.

Put A Watch:

We interview you to gather the information we need, and next thing you know you have a report showing pertinent information about a user account, an endpoint, an IP address, a website . . . any asset you can name. Imagine the benefits of having a third party monitor a user, vendor, or even your auditor.

Decision Tree

First developed in 2003, our Decision Tree is a matrix listing all the predictable security incidents and your customized instructions as to the appropriate response. We queue up a “default decision tree” to take advantage of our 20 years of experience, but we also allow you to customize response to your own unique situation

Calling Tree

When you engage with us, infotex will help you create a calling tree very similar to what you’re already using in your Disaster Recovery Plan, only in this case it’s focused on Network Security Incidents. You will use the calling tree to direct us on how to respond to various types of incidents. While our 20 years of experience will guide you in establishing an adequate incident response plan (and thus calling tree), yours can get as granular as you wish, and leverage processes already established. It can integrate with your ticketing system, it can be email driven. Whatever helps you respond to incidents properly.

A Compliant Solution

Being in the FFIEC Examination program is not enough. We undergo several external audits, pen tests, and social engineering engagements each year. We also make sure it’s easy for you to see what controls we have in place to protect our access to your network. We teach banks and credit unions how to make sure they know the risk they face because they share information with or grant network access to vendors. Again, we walk the talk. Don’t take our word for it: Ask for a copy of our Due Diligence package. In it you will see exactly what you should be receiving from all your technology vendors: assurance of controls!

Human Reporting

The biggest myth in Information Security is that you can automate information security. Sure, some parts of the process are automated. But human beings still need to monitor the automated processes, and that’s exactly what separates infotex from other vendors. We sort through all the noise, and only involve you when you need to be involved. Yes, we have all the fancy charts and graphs and reports, but we push those out to you. Our Data Security Analysts decipher the graphs and charts, review the events collected, and create reports with varying levels of detail to share with your Incident Response Team. You are welcome to learn our interface and download all kinds of great information and statistics about your network. Still, rather than making you “pull” information from the system, human beings decipher the information and push it to you. You only see what you need to see, when you need to see it.

Balancing Technology With Humanity

Our Clients can tell you how we work not only in the technical act of watching your network, but also with the non-technical implications of our services. When we’re on your team, hundreds of policy and procedure templates are always at your disposal.

Policy Development

The calling tree and decision trees, by the way, fulfill just one strategy of your overall Incident Response Program, which infotex will help you write, as we will become part of your Incident Response Team. Other documents related to what we do, and even our premium Policy Boilerplates Library is available to Clients.

Risk Response:

  • Awareness Training
  • Custom Training Movies for:
    • Users
    • Board members
    • Customers
  • Technical Training

Free Risk Response Tools:

Risk Measurement:

Risk Monitoring:


Our audit process addresses the non-technical, technical, and people aspects of your business, allowing our certified (CISA, CISSP) auditors and security analysts to provide a comprehensive approach to your IT Audit Program.  Beginning with an audit risk assessment, we ensure your audits provide the most value.


Non-Technical Tests


Audit Risk Assessment

Our audits always start with a risk assessment meant to identify key controls . . . why test controls that mitigate no risk at the expense of testing controls that mitigate the most risk?  This becomes the basis of our audit plan.

IT Governance | General IT Controls

We review your IT management practices, the process of which will assess the IT controls related to policies, procedures, processes and training.  infotex will also perform a risk assessment relating to policies and procedures, human threats, vendor threats, and FFIEC compliance related threats.

Asset Specific (i.e. Internet Banking) Controls Review

From mobile security to mobile banking, we perform an IT security review of controls declared for specific assets which your audit risk assessment warrants testing.  These reviews will cover best practices, but also address the most recent guidance issued by regulators

Physical Security and Environmental Controls Review

We review your physical security and environmental controls of key security zones, including, but not limited to your headquarters facility, Data Center, and branch offices. We will also review your procedures regarding physical security and environmental controls in accordance with regulatory requirements.


Social Engineering Tests


In an attempt to test user-level awareness, we perform various social engineering services in an attempt to test user-level awareness.  Social engineering tests include:

  • Pretext Calling
  • Phishing, Vishing, and Spear Phishing
  • Phone Phishing
  • Physical Breach Attempts
  • Dumpster Diving, Clean Desktop Walkthroughs, Trashcan Reviews

Ongoing Pretext Calls

In this service, we perform pretext calls all year long, so that you can tell users that every time they answer the phone, it could be a test.

Password File Analysis

We perform this analysis to demonstrate the importance of strong passwords as well as measure the enforcement of your existing password policy.

Public Presence Reviews

We can analyze what others can find on your bank and its employees “in the public presence.” Like a social engineering test, a public presence review can act as a preventive control.

Social Media Reviews

To help you understand what’s being said, how and where, we will usually target three groups:  your customers, your employees, your managers.


Penetration Tests


We can target your “system” mimicking technical and nontechnical attack methods in a “capture-the-flag” exercise.  Whether for PCI compliance, Incident Response functional testing, or technical awareness, we find that the penetration test, especially one that lasts 10-14 months, is the best way to activate awareness.


Technical Tests


External Blind Scan

We utilize the latest “attack methods” to attempt to access your internal network from outside your network perimeter.

Internal Network Scan

Upon completion of the external scan, we install a proprietary device on your network that will establish a VPN to our Network Operations Center and scan for security vulnerabilities.

Network Configuration Audit

We perform an assessment of your current network configuration in accordance to vendor and industry best practices using Microsoft Baseline Security Analyzer. This includes all client and server applications as well as IT practices. We review vendor documentation for AVS, spyware defense, firewalls, and more.

Web Application Security Review

Our Web Application Security Review is performed using a phased approach. We look at both technical and non-technical controls active within your organization. These controls include but are not limited to SDLC, Change Management, and Documentation. We test control processes, user interfaces, encryption, authentication, infrastructure, and perform extensive source code reviews. We can conduct a full audit, black-box review, or a risk-based audit (using OWASP’s Top 10 as a framework).

Virtual Environment Review

We review the configuration of your virtual environment using SANS Institute publications and vendor publications as a best practice framework. This review takes into consideration visibility, configuration management, network management, and disaster recovery as well as security.

Email Configuration Audit

How do you know your e-mail is configured with best practices in mind? What if secure messages do are not configured securely? Are vulnerabilities properly addressed? These include not only technical vulnerabilities, like anti-malware and secure messaging configurations, but also the way e-mail aliases are set up. With this audit, we provide third party assurance to management so that there is never any question, and so that you don’t end up with a false sense of security.

Printer Vulnerability Assessment

All copiers and multi-function devices, and most printers, have memory even if it’s just onboard flash memory. This includes all multi-function devices. This assessment implements new audit controls to eliminate the impact of “intrusive scanning.” We then scan network connected printers and multi-function devices for vulnerabilities and common misconfiguration issues. The resulting risk mitigation makes it an audit test worth considering!


Other Assessments


Network Support Provider Risk Review

 This review produces a report very similar in format to the SOC2 Report about the existing and veracity of declared controls.

Tabletop Testing

We help your Incident Response and/or Business Continuity Team implement walk-throughs, table-top tests, and/or or full functional testing. From the test plan to the post-mortem analysis, we put your management team on the same page as your contingency planning, all within FFIEC guidelines.


Free Training Resources


Educational Events

  • Speakers
  • Conference Moderators
  • Panel Discussions
  • Talks
  • Presentations
  • Key-notes
  • Technical and Non-technical

Awareness Exercises

  • Incident Response Tabletop Tests
  • User Awareness Training (and custom movies)
  • Customer Awareness Training (and custom movies)
  • Lunch and Learns
  • Board Basic Training
  • Custom Day-long Workshops
  • Technical Training

Awareness – a key control


While as auditors and MSSPs we cannot make changes to your system, we assist with the execution of three interactive tactics to establish what we’ve come to call “Awareness,” a critical control in IT Governance.  By establishing this control at the board, management team, technical team, user, vendor, and customer levels, we ensure a balanced, risk based approach to cyber and information security. The most educated cyber-expert still clicks on links, due to a lack of activation, while users who know the policy violate it, due to a lack of motivation (not understanding why the control is in place.)


Education


We have seen that humans, often by clicking on a link, become the weakest link.  By focusing resources on educating, motivating, and  awareness activation, we create a smoother compliance path, putting everybody on the same page in a manner commensurate with risk and complexity.  Through movies, webinars, seminars, day-long workshops customized to the Client, Incident Response Testing and Training, and many other approaches, we help our Clients overcome the weakest link through Education.  Our policy and procedure boilerplates are free to all Clients, as are at least 12 webinars and movies per year.


Motivation: Realizing Why


Management, Board, Technical Team Awareness

We have mastered the art of opening the eyes of management team members, connecting the three teams of a security information event management process, through the use of the FFIEC Required incident response methodology:  Training, Test Planning, Tabletop Testing, and Post-Mortem Review.

Custom Training Movies

Prior to 9/11, we did not remove our shoes at checkpoints.  But now we know why, and thus we comply.  We produce custom movies to train employees and customers.  Our custom training services, from comedy-hours to lunch and learns, seminars, day-long workshops, webinars and movies, align with compliant strategy for training your board, management team, technical team, employees, vendors and customers.


Activation


We have caught the ISO that hired us in social engineering test, several times in our twenty-plus year history.  This means that the most educated and motivated person is still not aware unless their awareness is ACTIVATED.  We must be put on guard, and remain there, to be vigilant.   Our free awareness posters are meant to remind employees and customers of their role in our safety.

Awareness Testing

In 2002 we conducted our first penetration test that orchestrated physical, logical, and social engineering tactics.  In those early days, we would find ourselves hiding under conference tables, in dumpsters, and texting pictures from server rooms.  All this time, we always noticed an ironic truism . . . . people will click on links when they think they may be malicious, but if they think it could be a test, they are completely vigilant.  Mindfulness increases when we know there is a high likelihood that the next phone call, the next email, the next vendor visit, could be a test.

We have mastered the physical breach attempt, the pretext call, and the orchestrated penetration test.  We have successfully plugged flash drives into servers in “bullet proof” data centers.  But we also know the “capture the flag” tactic is not always the best approach.  We have designed methodologies and metrics focused on incremental improvement, using tactics aligned with your overall strategy.  Our approach includes posture interviews, endpoint audits, and comprehension exercises.


Incident Response Tabletop Tests


In twenty plus years of direct experience working with financial institutions, hospitals and others wanting to be secure, the one control that covers the most ground, the one tactic that achieves the best awareness, in our opinion, is the incident response tabletop test.  This one exercise, if designed and executed right, creates a team approach to not only incident response, but governance as a whole.

We had to cancel our first security workshop, scheduled for 09/12/2001.  Since then we developed these resources:

webinars.infotex.com movies.infotex.com
posters.infotex.com testing.infotex.com
board.infotex.com audits.infotex.com

Our trained auditors and security analysts can help you manage information technology risk.

A Balanced, Empathetic Approach:  Being a Managed Security Service Provider means we too are audited, and being an Audit Firm helps us prepare our Managed Services Clients for their audits!


same_strip_012513

Latest Articles
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around your office.  
    Intelligence agencies from five nations contributed to the new advisory… An article review. For the first time, the cybersecurity divisions of the nations in the “Five Eyes” alliance (The United States, United Kingdom, Canada, Australia and New Zealand) have released a joint advisory concerning incident response. The report, available here, does not provide a complete […]
    PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS NEW EMPLOYEE FOR INFOTEX infotex has just hired Nathan Harrell, to be a new Engagement Coordinator to assist with all communications between both current and prospective Clients. “We’re really excited to have Nate joining the team to help us keep the channels of communication open!” says Bryan […]
    A Webinar-Movie Short Back by popular demand! Our Board Awareness Training program continues with this movie, entitled Vulnerability Management for Directors, that can be presented directly to your board of directors.
    Nearly half of all companies expect a security issue due to telecommuting… An article review. A few months ago we discussed a warning from the Department of Homeland Security regarding hackers taking advantage of the business disruptions caused by COVID-19, and according to an article shared with us by our friend Wes Pollard it appears […]