Technical Defense, Inc.
[ home | services | partners | company ]



Technical Defense, Inc. offers a wide array of professional services. However, we pride ourselves on our creativity and ability to assemble teams tailored to our clients unique requirements. We invite you to open a dialogue with us to discuss your specific requirements. All request are kept strictly confidential.

Information Security Due Diligence Assessments:

Our Information Security Due Diligence Assessment provides a comprehensive review of an organization's current and sustainable information security posture.

Unlike other assessments, our methodology does not focus exclusively on a current snapshot of your network environment, but rather on the entirety of your organization's information security program to include analysis of:

  • Perimeter Network Security Posture
  • Internal Network Security Posture
  • Organizational Information Security Policies
  • Organizational Information Security Procedures and Practices
  • Organizational Training and Awareness Programs
  • Physical Security Posture
    •  Given the inevitability of intrusion attempts, our assessment provides recommendations that will help you mitigate current vulnerabilities and ensures that you have policies, procedures and practices in place that will help you deter and recover from future attacks with minimal impact to business operations. Our program helps you demonstrate due diligence in an effort to avoid the potential liability from shareholder or customer lawsuits for negligent security behavior.

    Each module of the Due Diligence Assessment can be executed independently to address specific concerns facing your organization. For example, many organizations chose to execute the Network Security Assessment module independently as part of a recurring vulnerability assessment process. Alternatively, an organization may task us to look at a specific information security policy for compliance with industry best-practices or to develop a policy that meets a newly emerging business requirement.

    Threat Vector Analysis:

    Any organization utilizing a risk management process to identify and mitigate risks, must do so with a valid understanding of current and emerging threats. Technical Defense can help indentify threats to an organization's technology infrastructure and evaluate safeguards that can be deployed to decrease your exposure and potential liability. Our modular methodology allows us conduct a full assessment or "fill the gaps" in your current assessment process by providing significant domain expertise and analytical capability backed by years of experience researching threats agents and capabilities.

    Management Consulting:

    Our consulting team is intimately familiar with security best practices and can help you develop and build a cost-effective information security program. We can also augment your staff with security expertise to help you make diligent risk management decisions. Additionally, we are available to provide executive briefings on a variety of topics to the senior management of your organization to make them aware of industry trends, threat profiles and security best practices.

    Policy Analysis and Development:

    Your security policies and procedures are the foundation of your organizations security posture. A formal security program must be adequately managed to provide maximum benefit to your organization. Policies, procedures, and training objectives must be dynamic to keep pace with how technology is deployed across the enterprise. Government regulations, industry best-practices, vulnerabilities, threats and security safeguards are constantly evolving and if your organization can't adapt your level of exposure increases.

    Through our Risk Management Assessment service our experts will evaluate your policies, procedures and practices for compliance with the following:

  • Organizational Strategic Objectives
  • Stated on Implied Business Requirements
  • Industry Best-Practices
  • Third-Party/Partner Requirements (e.g. Visa security requirements)
  • Applicable Domestic and International Laws and Regulations
  • Valid Threat Models
    •  Our experts can also be engaged to develop specific information security policies tailored to your business requirements, security culture and operational environment.

    Digital Integrated Response Team:

    Technical Defense maintains a "quick-react" incident response team for organizations that require assisstance investigating or recovering from an attack. Whether you are trying to mitigate an attack underway, recover intellectual property, or investigate suspicious circumstances we can provide the technical expertise to support your staff. We can also work with you to maintain the chain of evidence and interface with law enforcement as required.

    War Gaming and Red Teaming:

    Our detailed knowledge of infrastructure vulnerabilities (through real-life assessments) and threat capabilities adds a level of required realism for war gaming and exercises. Our team can also help develop and train Red Teams to meet your specific objectives. Our principals have supported organizations such as the Joint Staff, the Office of Net Assessment, and the USMC in their wargaming and strategic assessment efforts.

    Infrastucture Protection Consulting:

    Our team has provided consulting and research support on a plethora of infrastructure protection issues to include the following:

  • Proprietary research support to the President's Commission on Critical Infrastructure Protection
  • Training programs for law enforcement and first responders on Infrastructure Protection issues
  • Infrastructure Threat Assessments
    •  We also offer an OPSEC Assessment service that analyzes the availability of information from public sources, such as web sites, to determine how it might be used to plan or support an attack against the infrastructure. Given recent FBI announcements regarding this topic, this operational security exposure should be closely evaluated.

    Intelligence Analysis:

    Our staff has specific proficiency in the analysis of information warfare/information terrorism threats and capabilities, emerging technologies, and in performing nodal analysis of information networks and communication infrastructures to determine vulnerabilities and critical dependencies. Our staff has provided intelligence analysis to Fortune 500 companies and government organizations.

    Training and Awareness Programs:

    Training and Awareness are essential components of an information security program. An educated and diligent employee community helps minimize risk. Our team can help you design a training and awareness that matches your organization's requirements. In addition, we are available to provide training sessions and educational briefings.

    Information Outcomes Cell:

    The Information Outcomes Cell (IOC) is an offensive cell that provides Computer Network Attack support to Governments, Private Military Corporations and international organizations in support of peace-keeping, humanitarian or low intensity operations. The IOC can be engaged for those operations for which information attack capabilities are required to meet a strategic objective, but the environment does not warrant the use of classified attack tools.