Right Brain Sekurity, LLC: Vulnerability Assessments, Physical Security Consulting, Litigation Support, Product & Design Evaluation, Tags & Seals, Product Anti-Tampering & Anti-Counterfeiting, Cargo Security, Election Security.
Vulnerability Assessments are not the same thing as performance or penetration testing.
You can't "test" your security against attacks you haven't envisioned!
If you’re like a typical organization, you probably have a pretty good handle on the threats to your security device(s), system(s), or program(s). You probably understand the assets you are trying to protect and the consequences if your security fails (though these are often underestimated). But if you are typical, you probably have an incomplete understanding of your vulnerabilities. These are what kill you. Recent security disasters like Sony, Y-12, the White House fence jumper, Target, Sony, Russian athlete doping, etc. occurred not because the threats, assets to protect, and consequences were poorly understood or because the security was never "tested", but because the vulnerabilities were not recognized (including classic vulnerabilities of layered security) and simple fixes were not applied. An independent, creative vulnerability assessment of your security by people who can “think like the bad guys” can go a long ways towards providing PROACTIVE security—not just reacting to past security incidents.
If you are in the business of making or selling security devices, you should be aware of the recent FTC ruling on TrendNET. The era of being able to sell flawed security products is coming to an end: http://www.ftc.gov/news-events/press-releases/2013/09/marketer-internet-connected-home-security-video-cameras-settles
Our mission is to improve your security. Right Brain Sekurity does CREATIVE security consulting, training, metrics, vulnerability assessments, and R&D for physical security devices, systems, and programs. We also provide suggestions for insider threat mitigation, and for creating a good Security Culture.
We don’t do cyber security, threat assessments, or overall risk management. We don't "test" against standards or "certify" your security because we believe these things are relatively meaningless, especially for physical security. And we don’t take your money and tell you everything is swell if it isn’t. Lots of other people can do these things for you.
How can we help you?
Vulnerability Assessments are not the same thing as performance or penetration testing.
You can't "test" your security against attacks you haven't envisioned!
If you’re like a typical organization, you probably have a pretty good handle on the threats to your security device(s), system(s), or program(s). You probably understand the assets you are trying to protect and the consequences if your security fails (though these are often underestimated). But if you are typical, you probably have an incomplete understanding of your vulnerabilities. These are what kill you. Recent security disasters like Sony, Y-12, the White House fence jumper, Target, Sony, Russian athlete doping, etc. occurred not because the threats, assets to protect, and consequences were poorly understood or because the security was never "tested", but because the vulnerabilities were not recognized (including classic vulnerabilities of layered security) and simple fixes were not applied. An independent, creative vulnerability assessment of your security by people who can “think like the bad guys” can go a long ways towards providing PROACTIVE security—not just reacting to past security incidents.
If you are in the business of making or selling security devices, you should be aware of the recent FTC ruling on TrendNET. The era of being able to sell flawed security products is coming to an end: http://www.ftc.gov/news-events/press-releases/2013/09/marketer-internet-connected-home-security-video-cameras-settles
Our mission is to improve your security. Right Brain Sekurity does CREATIVE security consulting, training, metrics, vulnerability assessments, and R&D for physical security devices, systems, and programs. We also provide suggestions for insider threat mitigation, and for creating a good Security Culture.
We don’t do cyber security, threat assessments, or overall risk management. We don't "test" against standards or "certify" your security because we believe these things are relatively meaningless, especially for physical security. And we don’t take your money and tell you everything is swell if it isn’t. Lots of other people can do these things for you.
How can we help you?
Other Stuff That Might Be of Interest: