B-LUC Consulting

B-LUC Consulting - What we do

• Risk Assessments

  • Vulnerability Assessments

    Vulnerability Assessments check a network for service access and vulnerabilities which would allow an adversary to penetrate that network.
    Vulnerability Assessments come in two forms:
    • External - where we assume the adversary sits outside your network
    • Internal - where we assume that the adversary has already managed to get inside your network
    Vulnerability Assessments will produce:
    • An executive summary
    • A list of findings sorted by severity which can serve as a starting point for a remediation plan
    • A full list of findings per IP address complete with severity, references and possible remediation tactics

  • Network Security Assessments

    Network Security Assessments check security settings on network devices (e.g. firewall, router, switch, access point) against recommended standards (e.g. CIS benchmarks).
    Network Security Assessments will produce:
    • An executive summary
    • A list of findings sorted by severity which can serve as a starting point for a remediation plan

  • Server Security Assessments

    Server Security Assessments check security settings on servers (e.g. Unix, Linux, Windows) against recommended standards (e.g. CIS benchmarks).
    Server Security Assessments will produce:
    • An executive summary
    • A list of findings sorted by severity which can serve as a starting point for a remediation plan

  • Application Security Assessments

    Application Security Assessments check security settings on critical applications (e.g. database, web server) against recommended standards (e.g. CIS benchmarks).
    Application Security Assessments will produce:
    • An executive summary
    • A list of findings sorted by severity which can serve as a starting point for a remediation plan

• Security Awareness

  Security Awareness consists of two components:
  • Training
    • B-LUC Consulting provides template slides that you can adapt to your specific organization
    • B-LUC Consulting provides face-to-face training to your staff and management
  • Social Engineering
    Email still constitiutes the majority of attempts to gain unauthorized access.
    B-LUC Consulting offers phishing campaigns to test the awareness of your staff and management against those type of attacks.

• Custom work

  • Setup, harden and maintain Linux and Unix servers
  • Setup, harden and maintain application servers (eg. EMail/Zimbra, Web server, Zenoss, Backup, NFS/Rsync, DNS, FTP)
  • Setup, harden and maintain custom appliances (eg. Load Balancers, IDS/IPS, Log Servers)
  • Provide custom software development in bash, perl and php