General Security Consulting
Creation Logic draws upon Consultants with deep knowledge in
of computer security to assist with diverse projects which either have
an information security aspect, or are security focused. Creation logic
works as part of your team to provide a greater understanding of
information assurance and risk management for any project that your
company is contemplating or currently involved with, in order to insure
that your projects, products and policies accomplish your business
goals without risking the integrity of business information.
While the depth of experience at Creation Logic allows this category to be defined quite broadly, some examples of work performed in this area include:
º Analysis of the security stance of business partners or potential security partners to insure the integrity of information shared with that partner.
º Technical review of system specifications and development plans for new products or offerings to insure security and integrity of the system or program.
º Activity/Event analysis of forensic information related to a security event in order to understand the parameters of the event
External network security assessment
Creation Logic works with company IT, service providers and
involved external resources to analyze company infrastructure which is
exposed to the Internet for network based vulnerabilities. Elements of
this analysis include:
º Both automated and manual scanning of external hosts.
º Detailed manual analysis of vulnerabilities.
º Detailed strategies for managing or eliminating exposed vulnerabilities.
º Executive level risk analysis.
º Technical risk analysis and recommendations.
Information Assurance Policy analysis and assessment
Consultants at Creation Logic have worked with hundreds of
assessment of current security policy and creation of new policies
where it is warranted. Since properly directed and motivated people are
more effective than computers in maintaining good security, Creation
Logic works with IT, Human Resources, Legal and Executive staff to
create policy which reflects business goals and leads to proper
information handling with respect to information security. While some
policies are driven by regulatory compliance, nearly all companies will
have written policies in the areas of:
º Acceptable use of company network and computing resources.
º Classification of proprietary information.
º Proper handling and disposal of company classified information.
º Communications standards for defined information flows.
º Authentication, Authorization and Access controls.
Security Infrastructure Support
Senior consultants at Creation Logic have been involved with
the largest and most involved security perimeters in the world, and
bring in-depth understanding of networking, firewalls, intrusion
detection systems, intrusion prevention systems and enterprise services
to bear on supporting your company's security infrastructure in the
º Performance analysis
º Forensic preparation