Herjavec Group’s Threat Management Team combines expertise in assessment, advisory, scanning, and incident response services to measure your risk exposure and test your enterprise’s security controls.
Our Service Leads collaborate to develop a Cybersecurity Journey for your enterprise that matches your security goals, compliance readiness and overall maturity.
Herjavec Group’s Threat Management Services:
Accelerate Your Threat Management with HG
- Herjavec Group is 100% laser focused on cybersecurity services with comprehensive expertise across professional and managed services domains.
- We are a vendor agnostic service provider with a track record of success in complex, multi-technology environments including within the financial, legal, utilities, retail, health & gaming sectors.
- We embrace customized solutions to meet our enterprise customer needs.
- We are highly certified across vendor and cybersecurity specific certifications & accreditations + Our Threat Management Team Members come from various backgrounds including military, forensics, healthcare, and technology vendor environments to offer unique perspectives on emerging threat actors.
- Our teams are well integrated. Strong communication & alignment enable effective knowledge transfer from our Advisory Services Team to Professional Services to Managed Services. We’re all part of something big at Herjavec Group.
Technical Consulting & Red Team Operations
Herjavec Group’s Technical Consulting & Red Team Operations test key aspects of a customer’s environment for flaws that could be taken advantage of. We recommend a combination of the following to build strategies that help secure and protect your environment.
Herjavec Group security specialists scan the environment to develop a summary of exposures for remediation based on your risk profile.
We test your security controls through intelligence gathering, network and application reconnaissance, vulnerability discovery, and attempted exploit.
Red Teaming Services
We conduct a no holds barred engagement that simulates the intention of stealing an organization’s crown jewels to identify security & process flaws.
Vulnerability Scanning Services
Business critical systems are often impacted by vulnerabilities. The larger the company, the more complex the threat profile. Herjavec Group recommends your enterprise embrace Vulnerability Scanning as an essential control requirement.
Additional benefits include:
- Improved Security – Identify vulnerabilities before they are exploited. Proactive scanning supports visibility, helping to improve security. This proactive monitoring ensures you are one step ahead of threats
- Time Saved- Don’t wait to remediate when it’s too late. A little attention paid on a consistent basis will be a significant time saver in the long run.
- Prioritized Risks- Scanning will provide more information to contextualize the priority vulnerabilities in your environment. The reports provided will help you assess what to fix, in what order.
Herjavec Group Vulnerability Scanning Services test externally facing and internal devices, providing intelligence to help organizations secure their critical infrastructure. HG will run the scans on behalf of the client and deliver a Vulnerability Scanning Report (VSR).
The VSR includes:
- Delta of new vulnerabilities between scanning periods
- Prioritized remediation effort recommendations
Data may be ingested into the client SIEM if under HG management, where technology permits. Herjavec Group can help drive the recommended remediation initiatives with support from our service experts across technology implementation, identity, managed services and incident response
Customer Success Story
Entertainment Organization with vulnerability management requirements including custom reporting, and recommended mitigation support.
- Required quarterly vulnerability scans
- Reports in undesirable format
- Reports seen as not useful for current remediation measurements
- Rapid 7 Nexpose
How We Delivered
- Provided quarterly vulnerability scans in a timely manner
- Worked with client to determine what information was required for their remediation process.
- Configured custom reports in order to help meet clients needs
- Provided explanations as to what value the current set of reports have in a remediation process
- Over 5000 IP addresses scanned internally and externally
Threat Advisory & Threat Hunting Services
Herjavec Group offers a combination of Threat Advisory and Threat Hunting Services to augment our overall Threat Management and Managed Security Services programs.
Our Threat Advisory Services generate industry and customer specific threat intelligence on an agreed upon cadence to help build the foundation of a Threat Program. Our Threat Advisory services include:
- Incorporation of Threat Intelligence into alerts and escalations
- Basic Brand Monitoring – suspicious domain registrations and email/breaches
- HG Generated Threat Intelligence and Research
- Secure Threat Intelligence Sharing and Collaboration
- Roadmap Development – Threat modelling across customer base and vertices
- Threat Reports
We also offer more advanced and flexible Threat Hunting Services that require dedicated hours or resources. Our Threat Hunting team researches specific adversaries to your organization and supports by hunting through your environment using adversary tactics, to improve detections and develop new alerts based on the program results.
Our Threat Hunting Services Include:
Basic Threat Hunting
- Leverages Automated Alerting
- Incorporates Threat Intelligence Indicator Searches
Advanced Threat Hunting
- Follow Data Analysis Procedures Created Externally
- High Level of Routine Data Collection
Premium Threat Hunting
- Creates New Data Analysis Procedures
- Very High Level of Routine Data Collection
- Typically engaged as a dedicated extension of your security team
Customer Success Story
Financial Services Organization
- Experiencing a breach on unmonitored infrastructure
- Supported 3rd party incident response investigation
- Leveraged diamond model of intrusion analysis
- Engaged trusted contact at naval criminal investigative services
How We Delivered
- Threat Intel and Hunting Services
- Mapped actors and TTPs
- Discovered US Dept of Defense IP space was being leveraged in the attack
- Determined attacker had hijacked DoD Darkspace
- Remediation Support
- Revealed potential links to nation state capabilities
Incident Response Services
Herjavec Group has practical experience addressing and managing the most complex security breaches. Through timely and strategic response to security incidents, Herjavec Group reduces recovery time, costs and damage. We offer Incident Response Retainers as well as hourly rate packages to support your remediation efforts.
Why Trust HG To Lead Your Incident Response?
- When an incident occurs, we respond with a customized response team.
We bolster your existing tools and processes with our state of the art networking, discovery and forensic tools. Our flexibility provides a faster, more effective response. We maintain a neutral perspective throughout our response delivery.
- We are on site offering a high-touch response.
While we can provide remote triage and expertise across multiple security domains, we believe that on-site presence is critical to managing an incident, interacting with management and ensuring the best outcome overall.
- We do not abandon you once the incident is closed.
When a complex incident occurs, Herjavec Group follows through on recommendations that are made and supports you through the entire cycle of remediation as required. This includes providing you with the consultation and technical expertise needed throughout the remediation process.
- Our retainer hours are flexible and can be dedicated to additional cybersecurity services.
Rest assured knowing that your investment with HG can be leveraged for incident response support as needed, or dedicated to additional services from advisory consulting, to identity, professional services and more.