Information Security Services | Information Security Solutions

 home company contact us

(347) 827-1749

  • Professional Services

    • Professional Services Overview
      Vigilar Professional Services provides security consulting expertise to help organizations of any size assess their current security state, meet information security challenges, design solutions to reach their optimal security posture and achieve regulatory compliance.
      Payment Card Data Security
      Vigilar’s PCI Compliance Services deliver a full range of PCI-specific assessment, remediation and education services to help organizations of all sizes establish and improve PCI compliance. Vigilar is recognized by the PCI Security Standards Council (PCI SSC) as both a Qualified Security Assessor (QSA) and as an Approved Scanning Vendor (ASV).

  • Security Solutions

    • TITAN™ - Vigilar’s Information Security Framework
      One of Vigilar's core tenets is that it is not sufficient to use information security software to secure the network alone. The data must also be secured from both external and internal threats. To this point, Vigilar has developed an innovative approach to the design and planning of security system software called the TITAN architecture that revolves around five key areas.
      Threat Analysis & Policy Management
      Partners: AlgoSec, Alterpoint, Altiris, BigFix, Cambia, eEye, eIQ Networks, Elemental Security, Firemon, Loglogic, McAfee, Qualys, Skybox
      Identity and Access Security
      Partners: Aventail, ConSentry Networks, Courion, CRYPTOCard, Cyber-Ark, Digital Persona, Imprivata, InfoBlox, RSA, SafeNet & Secure Computing
      Traffic Management
      Partners: F5
      Application and Content Security
      Partners: BorderWare, Certified Mail, CORE Technologies, Determina, Facetime, Fortify Software, Forum Systems, Imperva, Ingrian Networks, McAfee, NetContinuum, PGP Corporation, ProofPoint, Purewire, SafeNet, Securewave, SPI Dynamics, SurfControl, Symantec, Tizor Systems, TrendMicro, Tumbleweed, VMWare, Voltage, Vontu & Websense
      Network Security
      Partners: TippingPoint, AirDefense, AirMagnet, AirTight, Aruba, BlueCoat, Checkpoint, Cisco/Okena, CrossBeam, Juniper, Lancope, McAfee, Net Optics, Nokia, Nortel, Resilience, Sipera, SourceFire & Tufin

  • ATLAS™ Security-As-A-Service

    • Asset Identification, Prioritization and Management:
      Identifies infrastructure assets, security issues and network changes.
      Prioritizes assets and provides an asset-based risk score.
      Includes: Change Monitoring and Management, Asset and License Management, Network State Traffic Monitoring and Risk Analysis.
      Technical Support:
      Provides expert front line support for specified security vendors.
      Helps reduce technical support costs and ticket resolution times.
      Log Management:
      Provides a secured, tamper-proof, automated audit trail for system and application components.
      Authentication Management:
      Manages the entire Two-Factor Authentication token lifecycle including implementation, user provisioning, account approval and token inventory management.
      Systems Maintenance, Monitoring and Management:
      Provides ongoing maintenance, monitoring and management of leading third-party security devices (Firewalls, IDS, IPS).
      Gives your team access to Vigilar’s security expertise.
      Frees up your staff from the burdens of day-to-day management tasks.

  • IT & Security Training

    • Corporate On-Site Training
      Whether you work in a small, medium or large organization, Vigilar's Intense School is your single source for corporate on-site training covering advanced networking and security. Our customized enterprise solutions offer on-site technical training that allows corporate training managers the ability to easily administer their learning programs and track the progress of all participating employees.
      Individual Boot Camp Training
      Vigilar's Intense School holds Network Security, Microsoft, CompTIA and Cisco Boot Camps that offer certification in less time and at less cost than traditional training methods. Intense School's boot camps are all-inclusive – we provide hotel accommodations and lunch, comprehensive training and testing all in one location.
      Government Training
      Vigilar's Intense School's dedicated Federal team has trained thousands of Government information and IT security personnel, empowering these professionals to maintain peek performance of both their skills and the technologies they oversee.
      Online Training: Learn at Your Own Pace
      Vigilar's Intense School revolutionizes the newest wave of training through our Online courses, a unique and accommodating way to attain certification! Vigilar's Intense School fits the schedules and needs of our students by offering classes in the daytime, evening, and weekend hours.

    1. Professional Services

      » Penetration Testing
    2. » Security Policy & Procedure
    3. » Social Engineering
    4. » VoIP Security
    5. » Vulnerability Assessments
    6. » Web Application
    7. » Web Application Penetration

    8. Audit Services

      » PCI Data Security Standard
    9. » Equifax Audits

    10. PCI Compliance

      » PCI Gap Analysis
    11. » Quarterly PCI Scanning
    12. » PCI Onsite Audit
    13. » PCI Management Program

  • Vigilar’s VoIP Security Assessment: VoIP Hopper

    VoIP Hopper is an automated tool that rapidly runs a VoIP network configuration validation test to help enterprises determine the vulnerability of their VoIP networks. The VoIP Hopper has been released as an open source tool, and can be downloaded from Source Forge.

    Download the VoIP Hopper assessment tool at: http://voiphopper.sourceforge.net

    The convergence of voice and data into a single network promises to reduce costs, improve quality and simplify management. But as voice exists on the network as yet another application, it poses new challenges to the enterprise and new potential security risks arise. In particular, in a converged VoIP deployment, where a single Ethernet cable provides both the phone service and the computer connection, significant risks arise. In particular, concerns arise around the ability to gain privileged access through publicly accessible phones, such as those found in lobbies, hotel rooms, and conference rooms.

    Securing Voice VLANs
    The new VoIP Hopper tool allows enterprise IT administrators to test their networks for a specific vulnerability that can occur when the Voice VLAN feature is enabled. With this feature enabled, a PC can be daisy chained to an IP Phone and the connection for both PC and Phone to be trunked through the same physical Ethernet cable. As a result, users can easily gain access to the data network using a VLAN hop from the data network to the voice (known as a VoIP hop). Once on the network, a malicious user could run several different types of attacks against the IP Phone network, including eavesdropping on unencrypted phone calls, or causing interruption of service against the IP Phone network. Worse still, the user could also access the data network, gaining access to mission critical, proprietary data and applications, such as customer data and email or financial applications.

    The VoIP Hopper
    To discover whether a network may be vulnerable to potential VoIP attacks, Vigilar has developed an assessment method called VoIP Hopping, and an automated assessment tool called the VoIP Hopper. Released as open source, the new VoIP Hopper tool helps IT administrators test their networks to determine if VoIP Hopping possible on their network. The VoIP Hopper enables administrators to quickly and easily test the protection controls of a Layer 2 network to see if a regular PC can mimic the behavior of an IP phone and thereby gain access to the IP Phone network.

    Vigilar recommends that enterprises enable the following controls to mitigate VoIP Hopping attacks:
    1. Enable Port Security or MAC Address Filtering
    2. Enable 802.1x
    3. Proper firewall placement or network segmentation

    VoIP Assessments
    Vigilar Professional Services offers a VoIP Assessment service to help organizations identify vulnerabilities in their VoIP infrastructure.

    Click Here For More Information

 

Resources:

White Papers

Case Studies

Webcasts

 Home | Contact Us | Privacy | Legal | About Us | IT & Security Training | ATLAS SaaS | Professional Services | Solutions
© 2008 Vigilar, Inc. All Rights Reserved.
Stay current with Information Security News and Updates