Modis Powered by OnDefend

OnDefend & Modis

Partners in Cyber Security

OnDefend & Modis

Partners in Cyber Security

Cyber security is our business.

Comprehensive Risk Assessment

Get visibility into your cyber risks

If you do not have visibility into your cyber security risks, how can you protect your company? We provide a full risk assessment that identifies your cyber security vulnerabilities as well as recommendations to remove these risks along with a Comprehensive Security Roadmap.

Here we assess your:

  • Policies & Procedures
  • IT Asset Inventory
  • Network Vulnerabilities Test
  • 30-Day Employee Phishing Test
  • Risk Management Plan
  • Incident Response Plan
  • Compliance Requirements

What you get:

And don’t worry, if you need us to implement these recommendations, we are here to help!

Want more info?

Ransomware Readiness Assessment

Get Ransomware Ready

Are you ready for a ransomware attack? You should be or it will cost you! We will identify how prepared your company is to defend from, react to and recover from a real-world ransomware attack.

This assessment includes:

  • Policies & Procedures
  • IT Asset Inventory
  • Network Vulnerabilities Test
  • 30-Day Employee Phishing Test
  • Risk Management Plan
  • Incident Response Plan
  • Compliance Requirements

Our Comprehensive Report includes:

And don’t worry, we have a plug-&-play subscription solution to help you become 100% ransomware ready and stay that way.

Want more info?

VManage – Continuous Vulnerability Management

Manage Your Network Vulnerabilities

Do you have visibility into your network vulnerabilities? You should because they are what cyber criminals exploit to steal your data!

VManage automatically identifies all exploitable vulnerabilities on your network every month, providing real-time results, risk scores and risk removal recommendations.

It’s as easy as 1-2-3:

  • We ship you our Sentinel
  • You plug our Sentinel into your network
  • VManage starts testing for vulnerabilities

Additionally, VManage allows you to remove your identified risks by assigning remediation tasks to your internal team or external IT provider. Here you can track your risk removal progress, trends and overall security improvement.

Links/Attachments:

Coming Soon

And don’t worry, if you need us to implement these recommendations, we are here to help!

Want more info?

Penetration & Attack Simulation Testing

Test Your Network & Applications!

How do you know if your information security defenses are working? You should find out before a cyber criminals do!

We will simulate a cyber-attack on your networks and/or applications that proves whether critical systems can be exploited, sensitive data accessed and whether your defensive controls are working as expected.

Tests we provide:

  • Network Vulnerability Assessments: Here we identify vulnerabilities in the client’s network as well as provide remediation recommendations to remove these risks. We also provide continuous testing of your network vulnerabilities in a monthly subscription with VManage.

  • Network Penetration Testing (white box): Here we simulate a cyber-attack on the client’s network that proves whether critical systems can be exploited and if sensitive data accessed.

  • Attack Simulation Testing (Black box): Here we simulate a cyber-attack on the client’s network that not only proves whether critical systems can be exploited and if sensitive data accessed, but also if their defenses can detect us.

  • Application Testing: Dynamic (app facing) or Static (code-based) tests that identify exploitable vulnerabilities within your web or mobile application that could provide unauthorized access to sensitive data or critical systems.

What You Get:

Our Comprehensive Reporting includes:

  • Details on how each finding was identified and confirmed
  • Effective remediation recommendations
  • A full narrative of the engagement

  • Severity rankings
  • Detailed recommendations of additional detection strategies
  • Identification of effective controls that prevent attacks

All test results can be provided via our interactive VManage – Vulnerability Management Platform.

Want more info?

Security Tools Assessments

Prove your security tools work

How do you know your security tools will actually detect an attack and alert your team? The only way to know is to prove it before a cyber criminal does.

Here we identify and visualize whether your security tools are working as expected to ensure your detection tools are detecting properly as whether the alerts and correct flowing to your security team in real time.

Here we identify:

  • Attack Detection:

    • Misconfigurations preventing tools from detecting
    • Control changes rendering tools ineffective

  • Alerting & Response:

    • Not being monitored effectively

  • Processing delay in ingesting events

What you get:

Our Comprehensive Reporting includes:

  • Details on how each finding was identified and confirmed

  • Effective remediation recommendations
  • A full narrative of the engagement

  • Severity rankings

  • Detailed recommendations of additional detection strategies
  • Identification of effective controls that prevent attacks

And don’t worry, if you need us to implement these recommendations, we are here to help!

Want more info?

Cloud Security Services

Secure Your Cloud Environment

Are you confident in your cloud security? Prove it is so you can have confidence to depend on it for your business.

Whether you currently utilize cloud services such as Azure, AWS or another cloud services, or need help migrating to them, we are here to help.

Our cloud security services include:

  • Cloud Security Assessment – Full security assessment of your cloud environment that by identifies threats caused by misconfigurations, unwarranted access, and non-standard deployment and other vulnerabilities.

  • Cloud Penetration Testing – We use the latest in tactics, techniques, and procedures (TTPs) to perform both unauthenticated and authenticated security testing of Cloud environments to determine the likelihood of an unauthorized actor gaining access to sensitive business data.

  • Cloud Migration Consulting – We will help you migrate some of the physical servers or your entire data center to the cloud allowing you to maintain cloud data ownership, control, security, and visibility.

What You Get:

All of our cloud deliverables include:

  • Details of identified risks

  • Effective remediation recommendations
  • A full narrative of the engagement

  • Severity rankings

  • Detailed recommendations of ongoing strategies

Want more info?

Compliance Consulting

Get Complaint Today

Do you have an industry compliance requirement you must meet? Get it done on your timeline and within your budget.

We will help you meet your industry compliance standards on your timeline and within your budget.

We help companies comply with the following industry requirements:

  • NIST CSF

  • NIST 800-53

  • NIST 800-171

  • FedRAMP

  • FISMA

  • SOX

  • HIPAA/HITECH

  • HITRUST

     

  • ISO 27001

  • GLBA

  • GDPR

  • CCPA

  • NYDFS

  • PCI/DSS

  • SOC1, SOC2, SOC3s

  • And more…

What you get:

  • Compliance requirements met on your timeline
  • Budgetary requirements met
  • A true compliance management partner

Want more info?

Incident Response Readiness Assessment

Become Indent Response Ready

How do you know your company will respond to a cyber breach? Preparation can be difference between recovery and disaster!

We will verify that your company can respond to and recover from a successful cyber-attack by:

  • Reviewing your current Incident Response Plan to make sure it matches your technology, stakeholders and overall environment.
  • Proving the plan will work by simulating events with tabletop exercises.
  • Updating your plan so you can be confident it will work in real-time.
  • 30-Day Employee Phishing Test
  • Risk Management Plan
  • Incident Response Plan
  • Compliance Requirements

If you don’t have a plan, don’t worry, we can build one for you!

What You Get:

Your Comprehensive report includes:

  • Executive Summary
  • Findings and Recommendations
  • Updated & Actionable Plan
  • Recommendations & Security Roadmap

Want more info?

Advanced Email Phishing Testing & Training

Prepare Your Employees for Phishing Attacks

Can your employees identify and avoid real-world, advanced phishing attacks? If not, you have just surrendered your first line of defense.

Your employees are your “human firewall” and are targeted first in cyber-attacks. Many of these advanced attacks utilize Business Email Compromise, which are extremely hard for your employees to identify and coerce your employees to:

Here we assess your:

  • Download dangerous files that execute malware and ransomware
  • Link to dangerous sites with malicious executables
  • Provide login credentials to systems that house your systems and data

We will regularly test your employees and provide the training and tools they need to identify and avoid these and other advanced email phishing attacks.

What you get:

  • Monthly Testing & Training
  • Trends
  • Access to our proprietary Attack Identification solutions

Want more info?

Security Project Consulting

Complete Your Security Projects

Do you have security projects you need done, but don’t have the internal bandwidth? Let us help you get the project over the goal line!

We will help you with your specific security needs on a one-time or ongoing basis.

These types of projects include:

  • Security Tool Assessment
  • New Security Tool Rollout
  • Policy & Procedure Development/Updates
  • System, Data, Asset Identification
  • System Access Control
  • Computer and Network Management
  • System Development Life Cycle
  • System Configuration Management (hardware and software maintenance)
  • System Authorization
  • Privacy and Data protection
  • Incident Response
  • Business Continuity Planning and Disaster Recovery Planning
  • And more…

What You Get:

  • Project completion to satisfaction
  • Budgetary requirements met
  • A true information security partner

Want more info?

Virtual Chief Information Security Officer (vCISO)

Get the Security Leadership You Need

Are you concerned that there is no stakeholder in your security? Let us take on the responsibility so you can focus on your business. We provide fractional information security leadership helping your company manage and mature your security program within their timeline and budget.

Here, we will:

  • Identify and prioritize your security program needs
  • Develop a roadmap to accomplish those needs
  • Share and Collaborate as one unified team
  • Track action items, risks and tasks and measure progress
  • Centralize reports that are easily shared with executives, board members, etc.

What you get:

  • Security leadership you can count on
  • True movement up the security maturity curve
  • A true information security partner

Modis Powered by OnDefend

Strengthen Your Security Posture

Fill out my online form.