ERE Information Security Auditors
Home | Site Map | Contact Us |  Resource Center
list of IT security and compliance audit steps
ERE Differentiators from other vendors

ERE Information Security Auditors
ERE provides extensive knowledge transfer

Managed Cyber Security Services and Consulting

ERE provides and supports a wide range of managed cyber security services (MSP or MSSP).

We also do cyber security consulting. Consulting services include security vulnerability tests, pen tests, creating documents such as security gap analysis, security maturity models, security policies and security procedures.

ERE consults on how to calculate ROI on security expenditures. We present how to minimize cyber security risk to executive committees.
 

About Our Clients

Our Clients
  • Companies with the need compliance with cyber security standards imposed by;
  • Government regulations
  • Their clients and partners
  • Industry standards
  • Their external auditors
  • Their internal auditors
  • Companies responding to Governance and Board of Directors concerns about specific cyber security issues
  • Companies directed to manage / mitigate cyber security risk by their executive committees
  • Our clients are both in Canada and the USA
 

Deep Visibility into Security Posture
Deep Visibility into Security Posture
  • Security Intelligence delivered by Event Log Monitoring and SIEM service.
  • Behavioral Analysis delivered by Event Log Monitoring / SIEM Service
  • Threat Intelligence delivered by Open Threat Exchange (OTX)
  • Asset Discovery by Device Discovery Scanning Service.
  • Data loss prevention service provided by services above
  • Turn vulnerability scan results from overwhelming into understandable and actionable.
  • Turn event log alerts overwhelming into clear and actionable tickets

Differentiators
Differentiators
  • Laser focused on security services. We sell no other services or any products
  • Our security team all have industry recognized security credentials including CISSP, CISM
  • Competitively priced
  • Provide scalable services, from proof of concept through full deployment
  • Work with clients through all stages of a project; pre-budget cost justification, proposal, plan, implement, manage, and validate
 

Contact Us

905 764 3246
 
 
  Budgetary Price Quote
  Request A Demo
  10 minute scope definition call
  Business case for IT security and compliance 
  Sanitized Statement of Work
  Sanitized Audit Report
  Product Literature  
  White Papers and Published Articles

 

Have A Question? 

ERE Cyber Security Services in a Nutshell
ERE Cyber Security Services in a Nutshell

Automated Vulnerability Scanning Service

Identifies web application and network vulnerabilities and how to remediate, every month – this service replaces the one point in time annual pen test, for about the same annual price
  • NESSUS, Qualys, Rapid7, Netsparker, QRadar
Vulnerability Remediation Management Service (proprietary)

Vulnerability Remediation Management Service (proprietary)

  • Reduces risk exposure time to remediate
  • Time efficiencies for remediating 100’s or 1000’s of new vulnerabilities
  • Triage overwhelming number of alerts into a few actionable tickets
  • Works with any vulnerability scanner such as NESSUS, Qualys, Rapid7, Netsparker
Security Intelligence, Threat Intelligence

Security Intelligence, Threat Intelligence Behavior Analysis, and Asset Discovery Services

  • Security Intelligence delivered by outsourced Event Log Monitoring and outsourced SIEM services
  • Behavioral Analysis and threat detection delivered by
  • Outsourced event log monitoring / SIEM services
  • Outsourced real-time network threat monitoring / intrusion detection service
  • Outsourced real-time traffic flow monitoring service
  • Data loss prevention service delivered by services above
  • Threat Intelligence delivered by access to Open Threat Exchange (OTX) Intelligence
  • Asset Discovery delivered by outsourced device discovery scanning service
  • Dark web discovery of credentials for sale that belong to a company’s domain
Managed Cyber Security Services

Managed Cyber Security Services

  • Cloud security service
  • SIEM service
  • Event log monitoring and correlation service
  • Real time network threat detection service with network based IDS and host based IDS
  • Asset discovery service
  • Network traffic monitoring service
Compliance Management Services

Compliance Management Services
Enables complex compliance data collection supporting multiple contributors, reporting, and alerts on compliance violations every month. Empowers management to know their compliance posture throughout the year, and not have to rush at compliance audit season.

Automated Compliance Readiness Score for Any Standard

Automated Compliance Readiness Score for Any Standard
Identifies the effectiveness and efficiency of a compliance workflow for any standard
  • Financial OSFI, FFIEC, IIAC, IROC, OSC Bill 198, Sarbanes –Oxley (SOX)
  • Security CSA Cloud Control Matrix, COBIT, ISO 2700x, NERC CIP, NIST CSF, PCI DSS,
  • Privacy Canadian Privacy Act, PHIPA, FIPPA, PIPEDA, RCMP/CSE TRA, SB 1386, TRA and PIA
Cyber Security State Testing

Cyber Security State Testing
  • Pen Testing
  • Vulnerability Assessment
  • Gap Analysis
  • Security Auditing
  • CMMI baseline security assessment
  • Web App Vulnerability Testing
  • Security Maturity Capability Assessment
  • Mobile App Vulnerability Assessment
  • Social Engineering Testing
Cyber Security Consulting and Documentation Authorship Services

Cyber Security Consulting and Documentation Authorship Services

  • Corporate security policies and procedures
  • Compliance policies and procedures for any standard
  • Security ROI and cost justification planning
  • Privacy policies and procedures
  • Business continuity plan (BCP) and Disaster recovery plan (DRP)
  • Cyber security attack response plan
  • Ransomware attack response plan
  • Security project management
Availability Services </h2></TD> </TR>

Availability Services

  • Tier 1 support for servers and network devices
  • Patch management process planning
  • Patch management monthly analysis / recommendations
  • Patch management hands on assistance
  • Post patching vulnerability scanning service to verify patching

 

Request A Demo 
Please see Ron Lepofsky’s book,
The Manager’s Guide to Web Application Security,
published by Apress Media

https://www.apress.com/9781484201497

The Manager's Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively.

Quantifying Risk and Cost of IT Security
Information Risk Management and creating an IT security business plan are difficult at best. We have IT security cost calculation perfected to a science and happy to provide knowledge transfer all about it. Up front proof of value ROI calculation including audit checklist template and audit report template. We are IT security audit experts. As part of our security audit services we educate our clients on:
  • How to calculate IT security risk.
  • Calculating ROI on information security risk.
  • How to calculate security vulnerability cost of risk.

Contact us
Let us assist you to find hidden risks and compliance violations, and plan how to mitigate them. We will help you to scope your needs and to cost justify your budget requests. Contact us.
information security and compliance auditors
Home | Technology Audits | Compliance Audits | Process Audits | Doc Audit/Authorship| | 7x24 Monitoring | Knowledge Transfer
ERE Differentiators | About Us | Site map | Contact Us | |   | Resource Center
Copyrights © 2007-2010. All rights reserved.

   AddThis Social Bookmark Button