Protective Services

Prevention, detection, and containment

InGuardians Protective Services Team delivers expert guidance to your IT employees, stakeholders, and management in order to better defend their assets against targeted threats.  In addition to Proactive Hardening and Security Architecture Services, InGuardians Protective Services also include Threat Hunting and Incident Response.

All of our Protective Services begin with building a threat profile of the client.  In this process, our entire team identifies the threats and actors that pose the most risk to your organization.  We can then use the threat model to determine the most effective security controls to deter the attacks, in addition to implementing audit measures to determine when breaches occur.

The services below are a subset of what InGuardians can do for your organization.  

Security Architecture Review
InGuardians analyzes your security architecture and provides recommendations on controls and audit measures.

InGuardians’ Security Architecture Reviews are broad-ranging and provide an in-depth analysis of your information security controls and audit measures. Our guidance, presentation, and report will help your team understand the current strengths and weaknesses of your security architecture, and provide a roadmap to construct stronger defenses and become more resilient to attack.

InGuardians assesses existing policies & configurations, interviews key stakeholders, and measures control and audit functions to identify gaps and deficiencies and to build a plan to remediate them.

Purple Team Training
InGuardians believes that security success comes when “Red” works with “Blue” in a non-adversarial partnership.

The heart of an InGuardians Purple Team is the collaboration between your team and our Operators.  Each training is customized and tailored specifically to the needs of your team and overall business requirements, making each Purple Team Training unique.  We cover every aspect of the attack chain, from the edge of your network through domain compromise and beyond.

Security Program Assessment
InGuardians analyzes your security program and provides recommendations on protective controls and audit measures.

The threat landscape facing organizations today requires a defensible architecture complete with preventative controls and detailed monitoring capabilities.  InGuardians Security Program Reviews help your team defend your enclave, deter threats, and dominate your domain.

These reviews provide detailed analysis of your current security program and provide your organization with a roadmap to achieving your security goals.

System Hardening Assessment
Locking down systems with custom configuration changes and tools

Proactive security measures disrupt or contain a bad actor’s attack.  InGuardians’ operating system hardening and assessment service uses configuration steps and open source tools to block the initial compromise or contain its spread.  Determine your gaps from standards and leapfrog into best practice. This starts at the operating system and application-level configuration settings, moves on to custom SELinux or AppArmor profiles and continues with local system instrumentation.  Past customers of this service have run the gamut from DevOps to security appliance vendors to universities.

Request InGuardians hardening services on production systems or on systems you have in development.

Risk Mitigation Assessment
Following a penetration test, InGuardians will perform validation testing in order to evaluate the effectiveness of our client’s remediation efforts.

Our team will also recommend industry best approaches to address any outstanding vulnerabilities with an action plan that considers not only the technology but, more importantly, the business objectives of your organization.

OWASP Software Assurance Maturity Model (SAMM) Assessment and Consulting Service
InGuardians’ Software Assurance Maturity Model (SAMM) Assessment and Consulting Service reviews and provides guidance to strengthen our clients’ Secure Software Development Lifecycle (SDLC).  Leveraging OWASP’s SAMM (https://owaspsamm.org/) framework, our team of seasoned security experts guides your organization through the intricate pathway of building and enhancing software security posture via the following measures:

 

  • Software Assurance Maturity Model (SAMM) Assessment
  • Strategy Development
  • Implementation Assistance
  • Training and Awareness
  • Continuous Improvement
  • Tool Integration
  • Compliance and Reporting

 

InGuardians clients benefit from our expertise to improve their software security practices, ensuring that they meet industry standards, and fully understand that those standards help to build a framework for software security. With InGuardians’ help in using the OWASP Software Assurance Maturity Model (SAMM), InGuardians clients are better positioned to manage risks, ensure compliance, and build customer trust by demonstrating a commitment to security.

 

Read more about the OWASP Software Assurance Maturity Model (SAMM) via: https://owaspsamm.org

Custom Training
You know Kung fu?  Show me. – Morpheus

For over eighteen years, InGuardians trainers have set the standard for excellence in the information security industry.  We have helped author and deliver some of the most popular courses at The SANS Institute, Black Hat, Cansec, Interop, RSA, IDA, Distributech, and on site for private customers.  Contact us to get started on creating a customized training experience for your team.

Configuration Review
The experience level of our team allows us to engage in comparative evaluations of various security products. InGuardians’ Protective Services Team is particularly experienced in this area of computer security.

Our team has developed several security assessment tools, including two of the most popular within industry and government: the original CIS Linux/UNIX scoring tool and Bastille Linux.  InGuardians’ Protective Services Team will perform a hardening assessment and recommend industry best approaches to address discovered vulnerabilities with an accompanying action plan that considers not only the technology but, more importantly, the business objectives of each client.

Policy Development and Review
InGuardians’ Protective Security team will review your corporate information security policies and those with direct relevance to information security. Our team will determine whether an adequate corporate framework exists for an information security program, in light of regulatory requirements including Sarbanes-Oxley, HIPAA, GLBA, NERC, FERC, NY DFS 500 and others.  Where needed, InGuardians will work with you to develop policies and processes that remediate any discovered gaps.

IDS Tuning
The scope of this engagement will cover the tuning of IDS signature sets, an IDS architecture review, including recommendations for future deployment, and an examination of current incident escalation and handling procedures.

In this review, InGuardians intrusion detection and incident handling experts will analyze the traffic flow, analysis methodology, and policies of your organization in order to make appropriate recommendations on how to better manage your systems and improve intrusion detection and incident handling practices.

Threat Hunting
Actively searching for malicious threats or actors on information systems.

InGuardians HuntTeam operators use both defensive and offensive teams to identify compromised systems, malicious code, and other indicators of compromise.

Incident Response
InGuardians helps you contain the breach, eradicate the attackers, and make a full recovery.

It is no longer a question of if, but when you will be breached.  Most organizations are ill-equipped to handle their own breach investigations.  During the past eighteen years, InGuardians has helped over one hundred Fortune 1000 companies recover from serious compromises.  The process of containing the breach and eradicating the attackers is often a daunting one.  InGuardians Incident Response Team has the experience to help your organization make a full recovery.

Incident Response Plan Review & Development
InGuardians will review your organization’s current Incident Response (IR) Plan and propose revisions and adjustments, in order to assist your organization in creating a comprehensive IR plan that meets your needs and fits its network environment.

The experience level of our team allows us to engage in comparative evaluations of various security products.  Some of these evaluations have been published in various information security magazines.  Even when our tailored approach to a client project uses a commercially available tool, we analyze and evaluate the results from that tool to provide the client with realistic, prioritized solutions. InGuardians never uses an out-of-the-box report for the services provided.

Incident Response Training
InGuardians will devise appropriate incident handling table-top exercise(s) for your organization in order to further develop incident response skills.

Our Incident Response team will review your current Incident Response plan, and devise customized IR Team exercise(s) / scenarios based on your organization’s needs. Policy, procedure, and technical issues will be explored in-depth by the scenario.

As part of the deliverable, InGuardians will create a document that describes any deficiencies discovered in the incident handling procedures during the training, as well as concerns identified while the scenarios were conducted. The document will include specific, real-world recommendations based on our experiences with best-of-breed incident handling teams.

Press and Speaking

InGuardians subject matter experts are available for press and public speaking opportunities.  We write, we teach, we do.

Contact press@inguardians.com