Actively Protecting Information Systems
Panthera approaches information security with a proven iterative approach that mitigates threats through proactive security practices. Panthera has partnered with RF Defense, LLC to provide vulnerability assessments as part of our comprehensive solution. Our process encompasses management, operational and technical security controls and solutions ranging from passive protective measures to active defensive responses. We apply best practices and a set of methodologies that enable us to assess the situational security posture of sensitive information and information systems in a consistent and repeatable approach to determine what security measures are needed for securing the valuable information assets.
Panthera performs yearly internal, external, and wireless third party penetration tests for HIPAA, SOX, GLB, and PCI DSS in support of regulatory compliance requirements that apply to our customers.
Social Engineering Testing
Panthera uses a unique approach to social engineering, “fit in and disappear”. We utilize knowledge of the client that is gleaned from multiple sources to infiltrate their organization digitally and physically. We employ tactics, techniques and procedures from prior agency and industry experience to gain access to the client site. This type of engagement is typically setup as a separate Rules of Engagement in order to protect the company, the employee’s privacy, and the Panthera team. The use of targeted email, covert operations and off-site surveillance are used to gain information and knowledge of the client environment. All of this information is rolled up into a tactical mitigation and remediation plan for the client to further improve their overall security posture.
Penetration Testing (Red Team) and Security Assessments (Blue Team)
Panthera has extensive experience in performing recurring assessment services focusing specifically on wired and wireless security and penetration services for independent testing and continuous monitoring activities. A penetration test is the process of actively evaluating your information security measures. There are a number of ways that this can be undertaken, but the most common procedure is that the security measures are actively analyzed for design weaknesses, technical flaws and vulnerabilities; the results are then delivered comprehensively in a report to executive management and technical audiences. A security assessment is more passive and will not only help protect important information technology assets and data, but it will also provide the client with an end-to-end process that will allow for the identification of and response to hostile entities in the future. The team has extensive experience in performing recurring active and passive security services focusing on identification and mitigation of vulnerabilities.