data_on_screen.png

Security Solutions

End-to-end enterprise security services for deployment – From network security solutions, to endpoint security, to security in the cloud.

 

We’re early adopters with new security technologies, and we have cross-functional knowledge.

Our Security team works across advanced network design, automation, and integration – Which means that Armature is able to tap into and deliver one of the widest ranges of security solutions in the market.

 

 

Security Stack Architecture

  • We design security stack architecture to protect your organization at the campus, data center, and in the cloud. 

  • Every security solution varies and is customized per client, ranging from firewalls at the edge, to network taps and sensors, to nextgen endpoint protection and CASB/DLP in the cloud. 

  • We engineer platforms to work harmoniously so your organization doesn’t need to manage multiple platforms; and we engineer integrations and automation to help further reduce the workloads of your IT, Network, and Security teams.

 

 

Identity Access Management

  • We design and deploy directory services, Single Sign On solutions and Multi-factor Authentication solutions. 

  • We can provide advanced API integrations with SSO platforms, and integrate SAML and OAuth applications.

 

 

Network Access Control

  • We take a very pragmatic approach in designing NAC, using a list of various technologies such as traditional RADIUS, VPN based solutions, or cloud based solutions to secure access to your enterprise network.

  • We use both traditional NAC solutions as well as non IEEE802.1X based solutions.

 

 

Cloud-Access Security Broker (CASB) & Data Loss Prevention

  • We evaluate top CASB providers for our customers, first gathering requirements and use cases, and then provide documentation for our customers:

    • Forward Proxy, Reverse Proxy, and API (out of band) DLP solutions.

    • DLP policy frameworks

    • DLP implementation

  • We have an extensive knowledge of SSO integrations and user-based policies, in order to protect access and eventually the exfiltration of data.

 

 

Security Assessment & Remediation

Technical Assessments

  • Comprehensive Firewall Assessments: We review firewall rules and provide recommendations for tuning.

  • OS Hardening (Endpoint): We test base/gold images of endpoint operating systems for configuration hardening, and provide recommendations.

  • OS Hardening (Network Device): We test network device configurations for misconfigurations, and provide recommendations.

Risk Assessment, Compliance, and Governance

  • Full CISO Services: We provide security consultations for developing correct security policies, processes and practices for your organization.

  • Assess current policies, processes and practices and provide recommendations

Remediation: After our assessments, if necessary, we provide remediation services to fix any of the core issues we discovered.

 

 

EDR/EPP Evaluation and Deployments

  • We provide comprehensive next gen endpoint detection and response/endpoint protection platform testing and validation. Your organization can validate solution efficacy by utilizing Armature’s EDR/EPP lab environment to test endpoint base/gold images for a wide range of test cases.

  • We have been testing next gen endpoint platforms twice a year since 2015, and we maintain the latest data on EPP/EDR platforms to provide the best solutions for any organization’s needs. Our testing is performed based on MITRE ATT&CK.

  • We engineer large scale deployment of endpoint protection to any operating system, anywhere in the world, having successfully supported deployments with over 120,000 endpoints.

 

 

Penetration Testing & Vulnerability Assessment

  • We conduct external & internal network penetration testing, web application penetration testing, and code review.

  • We perform vulnerability assessments of systems in your network, providing reports on remediation actions.

 

 

Public Key Infrastructure Deployment

  • We develop comprehensive enterprise-wide PKI solution design and deployment, managing PKI integration with MDM solutions, as well as various other platforms.