“I don’t have the staff to handle 140,000 alerts. I don’t even have the staff to handle 12,000 alerts. What Counterpane does is boil all that noise down to 200 real incidents that my team needs to respond to.”

- David MacLeod, Ph.D.
CISSP, The Regence Group CISO

Enterprise Security Consulting Case Studies

Application Security Assessment
This insurance company is the country's largest provider of insurance, pensions, and benefits. The security of their customer data contained in the web application is of utmost importance. BT Counterpane performed an Application Security Assessment of their customer facing application, and identified a number of findings which exposed personally identifiable customer data.

Application Security Review
The client contacted BT Counterpane to audit the security of their web-based transactional web servers. The customer's application was designed to assist in debt management. The Application was being rolled out as a new service and the customer wanted a “White Hat Hacker” to attempt to subvert the security controls in place.

Compliance and Security Framework
The customer contacted BT Counterpane for assistance defining their security framework based on their new PCI requirements. The customer was a large Visa clearing house for transactions, which they did on behalf of several bank's credit cards. The company was described as a 200 person company still run like a “mom and pop” shop with almost no formal process or IT security. The client wanted us to review their organization based on the PCI standards and provide them with a roadmap toward compliance prior to the official audit.

Network Forensics Investigation
Client contacted BT Counterpane when they discovered they had been compromised by hackers coming from IPs originating from The People's Republic of China (PRC). They contacted the FBI who confirmed their findings and collected forensic evidence to identify the intruder's signature, but then recommended they contact a private company to perform the appropriate post-intrusion work and forensics to attempt to discover extent of the compromised hosts.

Penetration Testing
The client contacted BT Counterpane to audit the security of their DMZ networks, perform social engineering attacks, and war dial their phone blocks to check for unauthorized modems. They were concerned that through organic growth they had lost control of their networks and needed a third party to verify their controls, or lack thereof.

Staff Augmentation
Like many organizations the customer lacked a fully staffed IT security department and was unable to justify funding for FTEs due to budget constraints. The customer's IT management recognized the need, but lacked funding for an employee, but did have funding for projects and consultants.

back to Enterprise Security Consulting

Call Us:
888-710-8175

E-mail Us

Have a Managed Security Services Specialist Contact You

site map