0% found this document useful (0 votes)

21 views23 pages

Aurora Serviceflipbook

The document discusses cyber security services provided by Aurora Systems Consulting including security consulting, professional services, and risk assessments. It outlines their expertise in various frameworks and security domains and services across commercial, government, and public sector clients.

Uploaded by

tmendis

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

21 views23 pages

Aurora Serviceflipbook

Uploaded by

tmendis

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 23

CYBER SECURITY SERVICES

About Us
Since 1990, security-conscious companies have turned to Aurora for support of their

business-critical applications. Aurora’s highly trained sales and engineering teams

combine to uniquely position the company as a single source security consulting

service provider. A combination of strong solutions offerings and meaningful partner

relationship allows Aurora to serve a growing list of clients spanning across three

business units:

ENTERPRISE – We specialize in commercial, enterprise & mid-market clients

STATE, LOCAL, EDUCATION – Aurora maintains numerous CMAS Contracts,

SLPs and NASPO Agreements frequently used as purchasing vehicles for State,

Local and Educational institutions

FEDERAL GOVERNMENT – We are on multiple GWACS including SEWP and

STARS II to make it easy for federal customers to work with us

In each of these three business units, we have dedicated resources that focus on:

Security Consulting Services - such as penetration tests, vulnerability assessments,

gap analysis and security strategy

Professional Services - our highly trained engineers work with a set of premium

partners to bring you leading edge cyber security solutions

aurorait.com
©2020 - AURORA SYSTEMS CONSULTING, INC. ALL RIGHTS RESERVED.
[email protected]
All other logos and trademarks are the property of the respective trademark owners.
888-282-0696
OVERVIEW

We put our CUSTOMERS’ NEEDS FIRST , educating our customers on the latest

technology and product road maps, addressing key business requirements and

then working with your team to ensure a successful outcome.

Our customers rely on Aurora’s decades of EXPERIENCE in Information

Technology to navigate complex Cyber security challenges.

We focus on a handful of Partners and create MEANINGFUL RELATIONSHIPS

with them, ensuring that our customers gain the most out of these partnerships.

We invest heavily in TRAINING, CERTIFICATIONS, TESTING, RESEARCH, AND

IN-HOUSE LABS . Our highly experienced Sales and Engineering teams have a

thorough understanding of security solutions and product interdependencies.

Aurora’s expertise is WELL RECOGNIZED in both Commercial and Government settings.

Our team is equipped with manufacturer and industry certifications for dozens of cyber

security disciplines. Public Sector accounts can leverage numerous specialized contract

awards and competencies listed on our website.

aurorait.com
©2020 - AURORA SYSTEMS CONSULTING, INC. ALL RIGHTS RESERVED.
[email protected]
All other logos and trademarks are the property of the respective trademark owners.
888-282-0696
CYBERSECURITY FRAMEWORK CONSULTING SERVICES

Aurora’s Security Consulting Services team provides the expertise and analysis to help

you enhance your IT security posture, reduce your information security risk, facilitate

compliance requirements and improve your overall operational efficiency.

Aurora provides full lifecycle consulting assessment services to over 15 frameworks

& 18 security domains to help your organization easily assess, remediate and deliver

cybersecurity and compliance programs on one platform. Aurora's unique value-add is

to increase efficiencies by 50% by combining redundant controls when applying multiple

frameworks and by centralizing data into a single depository.

Aurora’s assessment model has tremendous financial benefits:

Elimination of spreadsheets and ad hoc processes

Consolidation of documents into a single repository or link to existing data locations.

Elimination to maintain framework guidance and policy documentation

DIY model with Aurora consulting services hybrid model will save on consulting fees

Aurora assessment platform model includes the following frameworks:

aurorait.com
©2020 - AURORA SYSTEMS CONSULTING, INC. ALL RIGHTS RESERVED.
[email protected]
All other logos and trademarks are the property of the respective trademark owners.
888-282-0696
OVERVIEW

Aurora’s Security Consulting Services team has vast experience in delivering service

engagements and assessments for small and large companies in almost all lines of

business from financial and healthcare, to manufacturing and high technology, to retail

and food service industries. Our team offers a wide range of services. Our range of

expertise, experience, proven scope and approach lets us be your partner in many aspects

of your cybersecurity management program.

Cyber Security Risk Assessment Penetration Testing

HIPAA Security & Compliance Phishing Simulation Assessment
Security Training Assessment
Application Security Assessment
Vulnerability Assessment
Data Loss Prevention Assessment
Security Policy Development
PCI DSS Gap Analysis Security Code Review

Aurora’s Professional Services team constantly strives to attain the highest partnership

levels with our technology partners so that we can better leverage support, access new

products and roadmaps, strategic management relationships, and better pricing for our

customers. This also elevates our engineer’s capabilities as they are frequently required

to refresh their technical certification and training to meet constantly evolving standards.

These requirements include pre-sales knowledge of product features and benefits, POCs

(Proof of concepts) and ability to perform demos for our customers.

Our solution uses quantitative and qualitative methods

to define the current and future state of your security

environment in a complete internal and external Cyber

Security Risk Assessment. We determine how your

organization maps to best practices, along with the

steps needed to get to the next level of security, and

maintain a robust security environment as change

occurs. A Cyber Security Risk Assessment identifies

deficiencies and correlates them to practical solutions.

HOW THE PROCESS WORKS

Define a scope of each process and function being reviewed

Gather all current documentation (policies, procedures,

configuration standards, best practices used)

Conduct internal and external vulnerability scanning

Conduct penetration testing against your network systems

Interview individuals and document how the processes of the

business functions

Compare security practices to best practices

Prioritize the gaps and create a remediation plan

Produce a qualitative risk report

KEY VALUE PROPOSITIONS INCLUDE:

Understand gaps in regulatory compliance requirements

Understand weaknesses in existing policies, procedures and standards

Determine weaknesses in access controls, user provisioning, configuration

management, vulnerability management processes, and incident handling processes

Review of network, operating system, application and endpoint vulnerability security

measures

Development of key remediation recommendations

BUSINESS VALUE FEATURES AND BENEFITS

Cost effective compliance Complete overall network security gap

Prioritized and simplified recommendations analysis

Achieve greater return on investment Consistent and repeatable testing

Optimized implementation Continuously expanding tests

Knowledge Transfer Comply with industry-driven regulatory

requirements

Our HIPAA information security audit is an in-depth

appraisal of an organization’s adherence to existing

policies and industry best practices, and identification

of areas of weakness that need to be addressed to

meet business needs and/or regulatory and compliance

requirements. We will assess existing weaknesses and

develop countermeasures in three areas–people, process,

and technology–for HIPAA Security Rule requirements.

Aurora provides our clients comparative information and baselines against industry standard

practices in addition to the HIPAA mandated review items in the Security Rule. A complete

assessment, as required under the HIPAA risk assessment specifications, includes interviews

with personnel, system analysis, policy and procedure review, and remediation suggestions.

Our cost-effective approach to security and compliance makes it affordable for any size

healthcare organization to be in compliance– without cutting any corners. Our

comprehensive HIPAA Security assessment service offers an approach based on assessing

physical and logical security, and company practices for security confidential data.

HOW THE PROCESS WORKS

Assess the current state of security

Develop comprehensive HIPAA Security policy and authorization levels

Review all relevant security documentation and interview staff

Perform vulnerability scans locally or remotely over a VPN connection

Evaluate current practices

Deliver a recommendations report to close gaps in security practices

KEY VALUE PROPOSITIONS INCLUDE:

Quickly validate problems and resolution, and prioritize vulnerabilities

Automated testing provides recommendations for remediation

Discover key weaknesses, policies and procedures

Categorize missing controls

Review network, operating system, application and endpoint security measures

BUSINESS VALUE FEATURES AND BENEFITS

Cost effective compliance Understand gaps in regulatory compliance requirements

Prioritized and simplified Understand weaknesses in existing policies, procedures and

recommendations standards

Achieve greater RO Determine weaknesses in access controls, user provisioning,

Optimized implementation configuration management, vulnerability management and

Knowledge transfer incident handling processes

Review of network, operating system, application and endpoint

security measures

Our Application Security Assessment is designed to

meet best practices for application security. Industry

regulations such as PCI, HIPAA and Red Flag require

application security testing, Aurora can also assess

custom- built web applications and commercial

applications.

All security assessments will involve, but are not limited to,

the following methodologies:

Analysis of data access requirements

Input validation

Transport mechanism

Error Condition Handling and Exception Management

Business Logic, Functional Specification and Implementation

Site design

HOW THE PROCESS WORKS

Probe, identify and exploit vulnerabilities in systems within scope, with manual

techniques and automated tools

Attempt to escape out of the network and application boundaries of the systems

within scope

Attempt to gain unauthorized access to systems within scope and systems

connected to the web application

KEY VALUE PROPOSITIONS INCLUDE:

Discovery of key weaknesses in the servers

Manual and automated testing procedures

Review of network, operating system, application and end-point security measures

Development of key remediation recommendations

Client specified Internet reachable systems

BUSINESS VALUE FEATURES AND BENEFITS

Cost effective compliance Simulates an attacker

Prioritized and simplified Consistent and repeatable testing

recommendations Continuously expanding vulnerability tests

Achieve greater return on investment Comply with industry-driven regulatory

Optimized implementation requirement

Knowledge Transfer Fixed fee

The Aurora Data Loss Prevention Technical Assessment

provides the following:

Current and ideal state of the customer’s data

classification and data loss prevention program

Insight into data aging, access patterns, and true data

ownership based on these patterns

Where sensitive data is being stored, what permissions

surround this data, and who is accessing it

Highlights of the Data Loss Prevention Assessment

TECHNICAL REQUIREMENTS WORKSHEET

Aurora and the customer will work together to detail the technical requirements

including repositories to be scanned and samples of any documents to be collected.

For the assessment, the following guidelines should be followed:

focus on 1 to 3 file share repositories

less than 1 TB total data

Three to four data loss prevention policies

TECHNICAL ASSESSMENT
The assessment will run for 2 to 4 weeks, depending on the scope of engagement and

how much data/usage metrics are required

The required hardware and software is provided as part of the assessment, and agent

installers will be provisioned to be installed on any required repositories

DATA CLASSIFICATION TECHNICAL ASSESSMENT

At the end of the engagement, Aurora will provide the customer with a report detailing

the findings from the engagement

This includes remediation paths and next steps to minimize risk

Raw data reports can also be provided to allow for immediate action on high risk

repositories

FEATURES BENEFITS
Recommendations for optimizing the Understanding of where unstructured data

storage environment. resides in the physical architecture

Classify existing unstructured data by file Relate unstructured data to its application(s),

type, age, use, value to business, etc. from data lifecycle and application criticality

Achieve greater return on investment. perspectives

Data Classification Report detailing Understand how unstructured data is used as

structure, use, and potential exposure information and its importance in achieving

the mission of the client

Our PCI DSS Gap Analysis is designed to help a company

determine where gaps in its security infrastructure are,

prior to a full PCI DSS risk assessment. Our assessment

services identify and scope the requirements for PCI

compliance as it relates to the company, its agencies,

merchants and services providers.

Our scanning services allow you to identify vulnerabilities

that may block your company from meeting the PCI

security requirements. Our reviews of education and

training of all stakeholders, network architecture, plus

network and application security procedures will provide

a solid foundation of recommendations that will allow you

to anticipate issues that may arise in a full SAQ or QSA

review.

HOW THE PROCESS WORKS

Identify gaps in operational procedures

Identify gaps in policy documentation

Identify technical vulnerabilities

KEY VALUE PROPOSITIONS INCLUDE:

Quickly validate problems and resolution, prioritize vulnerabilities

Automated testing provides recommendations for remediation

Discovery of key weaknesses policies and procedures

Categorize missing controls

Review of network, operating system, application and end-point security measures

Development of key remediation recommendations

BUSINESS VALUE FEATURES AND BENEFITS

Cost effective compliance Simulates a PCI SAQ assessment

Prioritized and simplified Consistent and repeatable testing

recommendations Comply with industry-driven regulatory

Achieve greater return on investment requirement

Optimized implementation Anticipate problems in a full PCI DSS

Knowledge Transfer assessment

Fixed fee

Penetration Testing is the first tactical step many companies take to begin the identification

process for weaknesses in their IT environment. Our security professionals use proven

techniques, methodologies and tools to detect undesirable risks. Aurora will evaluate your

technical, administrative and management security controls, and conduct tests against your

Internet perimeter using real-world attacks techniques — both automated and manual.

Aurora currently offers 4 types of Penetration Tests:

EXTERNAL PENETRATION TESTING

Simulates an external or outside attacker.

Probes, identifies and exploits vulnerabilities in systems within scope

Attempts to breach the security perimeter of the network boundaries

Attempts to gain access to systems within scope, upon breach

INTERNAL PENETRATION TESTING

Simulates an internal attacker, from inside the organization

Attempts to escape out of the network boundaries

Attempts to gain unauthorized user access to systems within scope and systems

connected to network

WEBSITE APPLICATION PENETRATION TESTING

Designed to meet best practices and industry regulations for application security such

as; PCI, HIPAA and Red Flag

An assessment looks at the source code, the infrastructure, the operating systems

and the application functionality

Attempts to gain unauthorized access to systems connected to the web application

WIRELESS LOCAL AREA NETWORK (WLAN)

Scalability and features of current systems

Authentication & encryption controls in use

Detect rogue wireless Aps

Penetration testing of the wireless setup

BUSINESS VALUE FEATURES AND BENEFITS

Cost effective compliance Review of network, operating system, application

Prioritized and simplified and endpoint security measures

recommendations Comply with industry-driven regulatory requirement

Achieve greater return on investment Continuously expanding vulnerability tests and

Optimized implementation remote testing

Knowledge Transfer Discovery of key weaknesses in the servers

Manual and automated testing procedures

Phishing attacks are designed to deceive individuals into providing sensitive

information such as passwords to a malicious third-party, or into performing actions

such as downloading malware designed to give an attacker remote control over the

victim’s computer. Disturbingly, these attacks are becoming increasingly sophisticated,

to the extent that often neither the individual nor the organization to which they

belong is even aware that an incident has occurred until it is too late.

THE SOCIAL ENGINEERING ATTACK CYCLE

EXECUTION TO
INFORMATION DEVELOPMENT OF EXPLORATION OF
ACHIEVE THE
GATHERING RELATIONSHIPS RELATIONSHIPS
OBJECTIVE

DO YOU REALLY KNOW YOUR SECURITY POSTURE?

To gauge your current security posture in terms of the risk posed by phishing attacks,

ask yourself the following questions:

As part of your regular security assessments, have you ever performed a controlled

phishing attack?

Would you expect your employees to click on a malicious link within an email?

Would they then go on to disclose authentication credentials or attempt to

download a malicious payload?

How many employees in your organization would you expect to perform those

actions?

Which offices and departments within your organization are most likely to be

susceptible to a phishing attack?

Therefore, do you know where your security training budget is best spent for

maximum impact and ‘quick wins’?

Have you ever run security awareness campaigns? If so, how effective do you think

they were?

If there were a phishing attack, would there be an internal response,

or would it go unnoticed?

Is the response guaranteed to go as per policy and procedure, or would a real

-world attack be likely to cause chaos and confusion?

If there were a response, would it be sufficient to mitigate the risk posed by the

attack?

Is your organization more or less susceptible to phishing attacks than other

organizations with- in the same market sector?

People are often the weakest link and the most under-invested

component of organization’s security strategy. Our security training

fills this gap by providing interactive on-demand and instructor-led

education that is accessible 24x7. Training is role-focused and can

be customized to your security requirements and environment.

LIST OF COURSES
SECURITY AWARENESS (30-45 MINUTES EACH)
AWARE-01 Security Awareness Training

AWARE-02 PCI DSS Security Training

AWARE-03 HIPAA/HiTech Security Training

AWARE-04 Advanced Security Awareness Training for IT

APPLICATION SECURITY (2-3 HOURS EACH)

APPSEC-01 Introduction to Application Security – OWASP Top 10

APPSEC-02 Application Security Emerging Threats

APPSEC-03 Security Testing for QA / Ethical Hacking

APPSEC-04 Mobile Apps (IOS / Android) Security Top 10

APPSEC-05 Security for Technical Management / Threat Modeling

APPSEC-06 Cloud Security / AWS Best Practices

SECURITY FOR DEVELOPERS (3-4 HOURS EACH)

DEV-01 Security Training for Developers

DEV-02 Security Training for Developers - .NET

DEV-03 Security Training for Developers – JAVA / J2EE

DEV-04 Security Training for Developers - IOS

DEV-05 Security Training for Developers - Android

DATABASE SECURITY (1-2 HOURS EACH)

DATAB-01 Oracle Database Security

DATAB-02 SQL Server Data- base Security

FEATURES AND BENEFITS

Delivered on-demand, instructor-led or hybrid

Interactive engaging content with quiz and learning games

SCORM Compliant

Customized to your role and company policy standards

Repeat multiple times reinforce key concepts

Monthly student activity and progress reports

Meet PCI DSS, HIPAA and other compliance requirements

Deliverables include all content & training completion certificates

Vulnerability analysis is the frontline in securing an organization.

Aurora can develop custom-built methodologies to utilize your

personnel and financial resources to help meet business goals.

Vulnerability scanning is a necessary tactical approach to

securing all the “low-hanging” risk in an infrastructure. Tests

will be conducted against Internet perimeters and internal

systems using real world attacks techniques in an automated

manner. We analyze all potential vulnerabilities, try to exploit

them to leverage access and determine what may be real or

what may be “false” positives. Our exploit testing will document

the security exposure of any in scope assets which, analyzed

collectively, may lead to unauthorized access.

HOW THE PROCESS WORKS

Remote testing of internal networked devices via a VPN connection

Architecture review

Automated external scanning

Automated internal security scanning

Recommendations matrix as final delivery report

Fixed fee

KEY VALUE PROPOSITIONS INCLUDE:

Discovery of key weaknesses in the servers

Methodology development

Analysis of remediation process and solution development

Development of key remediation recommendations

Policy development to maintain proper vulnerability remediation procedure

BUSINESS VALUE FEATURES AND BENEFITS

Cost effective compliance Review of network, operating system, and

Prioritized and simplified application security

recommendations Determine weaknesses in access controls,

Achieve greater return on investment vulnerability management processes, incident

Optimized implementation handling processes

Knowledge transfer Understand weaknesses in existing policies,

procedures

Our complete set of security policies can be developed

including the infrastructure, third-party, asset classification,

accountability, personnel security, physical and environmental

security, communications security, operations security, user

education and awareness, access control, system development

life cycle, business continuity, disaster recovery, and regulatory

compliance.

HOW THE PROCESS WORKS

Gap analysis of current policies and operating environment

with policies developed accordingly

Policies mapped towards industry’s best standards

Policies and procedures that can evaluated include:

Disaster Recovery/Business Continuity Plan (BCP)

Incident Response and Notification

Account Administration (administrative & user)

Virus and Malicious

Code Protection

Network Security

Security Control over Network Servers (web, databases, etc.)

Information System Logging and Monitoring

Configuration and Control Over Routers and Gateways

KEY VALUE PROPOSITIONS INCLUDE:

Quickly validate problems and resolution, prioritize vulnerabilities

Automated testing provides recommendations for remediation

Development of key remediation recommendations

BUSINESS VALUE FEATURES AND BENEFITS

Cost effective compliance Develop policies to meet gaps (except BCP)

Prioritized and simplified 7 policies reviewed and/or developed

recommendations Fixed Fee

Achieve greater return on investment

Optimized implementation

Knowledge transfer

Security code review provides insight into the

“real risk” associated with insecure code. When

used together with automated tools and manual

penetration testing, code reviews. When used

together with automated tools and manual

penetration testing, code review can significantly

increase the cost effectiveness of an application

security verification effort. Aurora combines

automated and manual code analysis techniques

in a multi-step process of familiarization,

prioritization and analysis to understand the

context and make a relevant risk estimate that

accounts for both the likelihood of attack and

business impact of a breach.

HOW THE PROCESS WORKS

Identify and remediate code level vulnerabilities

Conduct security due diligence of key applications and 3rd party software

Meet regulatory requirements (PCI DSS 1.2, clause 6.3.7)

Educate developers on secure coding best practices

Enforces security as development priority

KEY VALUE PROPOSITIONS INCLUDE:

Minimize the risk and likelihood of a network breach

Secure Code training for developers

Increased cost effectiveness of applications security

BUSINESS VALUE FEATURES AND BENEFITS

Cost-effective compliance Review of network, coding and application

Prioritized and simplified security

recommendations Determine weaknesses and vulnerabilities

Achieve greater return on investment with code analysis

Optimized implementation Achieve government mandated compliance

Knowledge transfer requirements

Aurora’s Professional Services team has vast experience in delivering service

engagements and assessments for small and large companies in almost all lines of

business from financial and healthcare, to manufacturing and high technology, to

retail and food service industries. Our team offers a wide range of services from

CYBERSECURITY CONSULTING & ASSESSMENTS , IMPLEMENTATION , and

REMEDIATION services. Our range of expertise, experience, proven scope and
approach lets us be your partner in many aspects of your CYBERSECURITY

MATURITY PROGRAM .

Our areas of expertise continue to grow as we naturally adapt to the changing

customer needs, threat intelligence, emerging technologies, and shifting market

strategies and consolidations. We have SMEs (Subject Matter Experts) on Data Loss

Preventions (DLP), Data Classification, Endpoint Security, CASB, Vulnerability

Management, EDR, Policy Orchestration, Encryption, Identity Access Management,

Datacenter and Infrastructure services (Windows, Azure, AWS, GCP,VDI, VMWare).

We constantly strive to attain the highest partnership levels with our technology

partners so that we can better leverage support, access new products and roadmaps,

strategic management relationships, and better pricing for our customers. This also

elevates our engineer’s capabilities as they are frequently required to refresh their

technical certification and training to meet constantly evolving standards. These

requirements include pre-sales knowledge of product features and benefits, POCs

(Proof of concepts) and ability to perform demos for our customers.

During all engagements, we work closely with the client’s staff, sharing information

and educating the staff when possible. We want to partner with our clients rather than

be a point solution provider. Security is a long process that cannot be solved by any

one engagement. The results of all engagements are tailored to the client’s requests,

needs and business goals, with constant communication every step of the way, and we

can speak to any level of the organization from CEO and CFO to technicians and

sales staff.

Aurora is an established premier partner of Broadcom/Symantec with deep knowledge

and experience within the Symantec security portfolio. With recognized expertise in

multiple Symantec solution sets and a high level of customer satisfaction, Aurora has

established itself as a proven IT strategic security partner with their clients.

Our highly skilled staff of professional service engineers have solution expertise in the

following areas:Data Loss Prevention (DLP), Encryption, Validation & ID Protection

(VIP), Endpoint Protection (SEP), Symantec Encryption Management Server (SEMS),
Symantec Endpoint Security (SES), Symantec Endpoint Encryption (SEE) and
Symantec Cloud SOC (CASB).

Aurora's goal is to ensure that Symantec broad security solution sets are appropriately

aligned with organization’s key initiatives to maximize their return on investment. Our

areas of expertise continue to grow as we naturally adapt to the changing customer

needs, threat intelligence, emerging technologies, and shifting market strategies and

consolidations. We have SMEs (Subject Matter Experts) on Data Loss Preventions (DLP),

Data Classification, Endpoint Security, CASB, Vulnerability Management, EDR, Policy

Orchestration, Encryption, Identity Access Management, Datacenter and Infrastructure

services (Windows, Azure, AWS, GCP,VDI, VMWare).

INFORMATION SECURITY ENDPOINT SECURITY

Data Loss Prevention (DLP) End-user Endpoint Security

Secure Access Cloud Server Security

CloudSoc (CASB) Endpoint Management

Encryption

Control Compliance Suite

NETWORK SECURITY
IDENTITY SECURITY Messaging Gateway
VIP Encrypted Traffic Management
MPKI (Digicert) Advanced Threat Protection

PARTNER LEVEL: EXPERIENCE: AURORA FACTS:

PREMIER 10 years of DLP experience Geography Covered: National

Over 10 years of endpoint 23 Years in Business

experience Customer Segments:

Experience with fortune 500, Enterprise

healthcare, public sector, SLED

higher education, and federal Healthcare

customers Federal

Aurora has been a long-standing professional services partner of McAfee for over a

decade, with clients in various vertical industries ranging from education, healthcare,

commercial, communications, and financial industries. Aurora’s professional services

and solution architects are highly qualified and experienced across the McAfee solution

portfolio.

Our highly skilled staff of professional service engineers have solution expertise in the

following areas: MVISION, Cloud Security, Endpoint Security, Cloud Access Security

Broker (CASB), Endpoint Detection & Response, Data Protection & Encryption, ePolicy

Orchestrator and Web Gateway.

With Aurora service expertise and years as a managed service specialized partner they

have established themselves as a trusted McAfee security adviser in the industry.

MVISION CLOUD MVISION ENDPOINT

Unified Cloud Edge Endpoint Security

CASB Endpoint Detection &

Next-gen SWG Response

Data Protection Mobile Security

Container Security Data Loss Prevention

Workload Protection

Intrusion Prevention
MVISION PLATFORM
MVISION ePO

MVISION Insights

PARTNER LEVEL: EXPERIENCE: AURORA FACTS:

GOLD 10 years of McAfee PO Geography Covered: National

Over 10 years of endpoint 23 Years in Business

experience Customer Segments:

Experience with fortune 500, Enterprise

healthcare, public sector, SLED

higher education, and federal Healthcare

customers Federal

Allow Aurora to lighten your organizations vulnerability management operational

load. Aurora is offering Vulnerability Management MSSP through tenable IO & SC.

With many years of experience in the health care, government and the private sector,

we are confident in our ability to reduce the attack surface of your environment.

Through custom reporting, detailed configuration and granular vulnerability analysis,

we provide a unique vulnerability management platform to each of our customers.

TENABLE PRODUCTS OUR SERVICES

Tenable Security Center Manage On-premise Tenable SC

Tenable IO Health Check

Web App Scanning Best Practice Configuration

Lumin Policy Review

Container Security Compliance Standard Review

Tenable Nessus Pro Quarterly Business Review

Patch Management strategy

Goals and
Upgrade/Update Tenable SC
Objectives
Training of staff

Weekly, Monthly, Quarterly scans

Report &
Scope Ad-hoc scans
Remediation
Custom Reporting Matrix

Strategic Remediation Plan Service

Options

Results Vulnerability Scan

Configuration
Analysis
Assessment Aurora provides services for customers who

Process Flow have Tenable products already implemented

and configured in their environment. As well

as customers who have yet to implement a

Vulnerability

Detection/Scan vulnerability management system.

PARTNER LEVEL: EXPERIENCE: AURORA FACTS:

GOLD Over 5+ years of Vulnerability Geography Covered: National

Management experience 23 Years in Business

HIPAA, PII and PCI Experience Customer Segments:

Enterprise

Tenable Certifications: SLED

Tenable SC/IO Pre-Sales Engineer Healthcare

Tenable SC/IO Pre-Sales Integrator Federal

Tenable SC/IO Pre-Sales Architect

Aurora is an established partner of Beyond Trust with a deep knowledge and

experience within the Beyond Trust Security Portfolio. Our highly trained engineers

can implement full integration of Beyond Trust Privileged Access Management (PAM)

solution access Active Directory environment for Desktops and/or Servers. The Aurora

team can also mass deploy Beyond Trust Agents as needed for endpoints.

Beyond Trust products that we can sell and service include:

ENDPOINT PRIVILEGE MANAGEMENT

Windows and Mac

Unix and Linux

Active Directory Bridge

SERVERS

PASSWORD
RETRIEVAL WORKSTATIONS

USERS ACCESS
REQUEST APPROVAL RULES
DEVICES

SESSION PROXY
APPLICATIONS
PRIVILEGED PASSWORD MANAGEMENT

DATABASES

RECORD REPLAY AUDIT ARCHIVE SOCIAL MEDIA

SESSIONS SESSIONS LOGS LOGS

RECORD & AUDIT CLOUD

PARTNER LEVEL: EXPERIENCE: AURORA FACTS:

PREMIER Geography Covered: National

23 Years in Business

Customer Segments:

Enterprise

SLED

Healthcare

Federal

Sophos Endpoint Protection for Desktops, Servers, & Mobile Devices

and Sophos XG Firewall

Sophos Endpoint Protection is a leader in endpoint protection. What sets Sophos

apart from its competitors is the ability to protect your devices from ransomware.

Sophos is unique because they use cryptoguard. This has the ability to do smart

machine learning for ransomware to protect files. If your files do get encrypted, it

has automatic file recovery built in.

Aurora IT has experienced professionals with Sophos implementation that can help

you deploy and configure Sophos Endpoint Protection in your environment.

SOPHOS ENDPOINT PROTECTION SOPHOS XG FIREWALL

INTERCEPTX ADVANCED AND/OR Configure your internal network

WITH EDR (ENDPOINT DETECTION Configure Synchronized Security to work

AND RESPONSE) in conjunction with Sophos Endpoint

Protection for a more rounded security

Desktops
posture protecting what is on the
Servers
Network as well as on your endpoints
Active Directory integration

Create Endpoint Protection Policies

as needed

MOBILE DEVICE MANAGEMENT

Apple Devices

Android Devices

PARTNER LEVEL: EXPERIENCE: AURORA FACTS:

GOLD Sophos Central Endpoints Geography Covered: National

and Servers for InterceptX 23 Years in Business

Sophos Advanced with EDR including Customer Segments:

Gold Active Directory integration

Sophos XG Firewall solution

Enterprise

SLED
Partner on hosted on AzureSophos Healthcare

Certified Engineer Federal

Professional Services for Amazon Web Services (AWS)

Aurora has highly skilled professions in AWS. We can help you save on costs and move

your current datacenter from On-Premise to AWS Cloud Infrastructure. Below are

what we can help you implement:

AWS INFRASTRUCTURE
Build out your servers in the cloud to host your applications.

Configure AWS Database connectivity for hosted applications

Configure S3 buckets for storage

AWS AD CONNECTOR
Build out a Domain Controller on AWS and use AWS AD

Connector to connect your On-Premise AD to AWS Domain Controller

AWS WORKSPACES
Desktop-as-a-Service setup which would allow your remote users to

use their own Laptops or Home Desktops, and access the Desktop

hosted on AWS via a client

AWS APPSTREAM
Install applications on AWS Appstream to be accessible via an Internet Browser

This can also be accessible via Appstream 2.0 client from anywhere

AURORA FACTS: EXPERIENCE:

Geography Covered: National On-premise Active Directory integration with AWS directory

23 Years in Business and AD connector

Customer Segments: Experience with Virtual Desktops in AWS (Workspaces)

Enterprise Experience with EC2 instances for server infrastructure

SLED and connectivity for multiple applications and use cases

Healthcare (External to host web, applications, and or database

Federal services

Transit Gateway solution to allow connectivity and

communication between multiple VPCs within the native or

external accounts

AppStream 2.0 - accessing your application via a browse

or desktop client. Also SAML integration with your AD

infrastructure

Microsoft Windows Server On-Prem and Cloud Services

Aurora has highly skilled professionals in Microsoft Server Infrastructure that can help

you configure your On-Premise and/or Cloud Datacenter. These include but not

limited to setting up:

CLOUD ON-PREMISE
Azure Active Directory standalone or Hybrid Active Directory and GPOs for security and

Hybrid – Syncing On-premise Active Directory to your automations

Cloud Azure Active Director New Build, Migrations, Upgrades

Microsoft Office 365 for your Emails Microsoft Exchange Server for your Mail system

New Build or Migrating from Microsoft Exchange New Build, Migrations, Upgrades

Server On-Prem to Office 365 Windows Server Update Services (WSUS) for

Migrating from other email systems, like GSuite, Patch Management

to Office 365 Internet Information Services (IIS) for hosted

Hybrid integration for On-Prem Exchange with Office Web Sites

365 Microsoft SQL Server Build with or without

Microsoft 365 Data Loss Prevention (DLP) with Azure Clustered Services for backend Microsoft SQL

Information Protection (AIP) Databases

Utilize Keywords and Regex for DLP policy use on System Center Configuration Management

Exchange Online, Sharepoint Online,OneDrive, (SCCM) Buildout and Training in Administering

Microsoft Teams, and Windows Endpoints File Shares with Distributed File System

Utilize Exact Data Matching (EDM) for DLP Policy use Replication (DFSR)

on Exchange Online, Sharepoint Online, OneDrive, DHCP and DNS

Microsoft Teams and Windows Endpoints

Utilize AIP to classify documents so that when shared,

they are encrypted, blocked or allowed based on DLP

Policy

Microsoft Intune (with integration to SCCM)

Register devices with Intune and manage them with

Security Policies which utilize SCCM for patch

management

Microsoft Azure

Build Windows Servers and host applications on

servers in the Cloud

Virtual Desktop/s hosted in Azure

AURORA FACTS: EXPERIENCE:

Geography Covered: National Over 20 years as a Windows Systems Engineer / Sr. Systems

23 Years in Business Administrator

Customer Segments: Over 20 years on Windows Servers

Enterprise Over 20 years on Desktop Systems

SLED 8 years on Microsoft Azure and Office 365

Healthcare Over 15 years on SCCM

Federal Over 15 years on Microsoft Exchange

Over 20 years on WSUS / Active Directory / GPO / DNS / DHCP

Over 15 years Scripting with Powershell and Batch

NTT - Cybersecurity - Consultancy - Services v1-0
No ratings yet
NTT - Cybersecurity - Consultancy - Services v1-0
21 pages
Cybersecurity Reference Architectures 2023
No ratings yet
Cybersecurity Reference Architectures 2023
68 pages
Day 2 PCD ETL Engineering Cybbbersecurity
No ratings yet
Day 2 PCD ETL Engineering Cybbbersecurity
197 pages
Report Cybersecurity Great Consultant
No ratings yet
Report Cybersecurity Great Consultant
24 pages
Cybersecurity Advisory ISmart2 Servicecatalogue
No ratings yet
Cybersecurity Advisory ISmart2 Servicecatalogue
29 pages
INFORT FULL Corp Profile 2024 Updated.
No ratings yet
INFORT FULL Corp Profile 2024 Updated.
87 pages
Day 2 PCD CYBERSECCybersecurity
100% (1)
Day 2 PCD CYBERSECCybersecurity
197 pages
Assignment 5 New
No ratings yet
Assignment 5 New
11 pages
Applsci 12 04102
No ratings yet
Applsci 12 04102
15 pages
Cyber Security: of Companies Have Already Adopted Zero Trust Plan To Adopt Zero Trust in The Next 12 Months
No ratings yet
Cyber Security: of Companies Have Already Adopted Zero Trust Plan To Adopt Zero Trust in The Next 12 Months
8 pages
Cyber Auditing
No ratings yet
Cyber Auditing
12 pages
Consulting Data Sheet Overview
No ratings yet
Consulting Data Sheet Overview
2 pages
COM-0083-Executives Overview To Proactive Cybersecurity
No ratings yet
COM-0083-Executives Overview To Proactive Cybersecurity
6 pages
Zero Trust Solutions - IsC2 Presentations (9!26!2021) v4
No ratings yet
Zero Trust Solutions - IsC2 Presentations (9!26!2021) v4
28 pages
Cyberres A Micro Focus Line of Business Presentation
No ratings yet
Cyberres A Micro Focus Line of Business Presentation
9 pages
Thesis - Computer-Security-Audit PDF
No ratings yet
Thesis - Computer-Security-Audit PDF
34 pages
Lecture 09
No ratings yet
Lecture 09
49 pages
Microsoft Cybersecurity Reference Architectures (MCRA)
No ratings yet
Microsoft Cybersecurity Reference Architectures (MCRA)
68 pages
Astr Cyber Security Services
No ratings yet
Astr Cyber Security Services
7 pages
GBB Presentation
No ratings yet
GBB Presentation
11 pages
Us CSR Convergesecurity Whitepaper
No ratings yet
Us CSR Convergesecurity Whitepaper
9 pages
Assignment 3
No ratings yet
Assignment 3
5 pages
The Importance of Cybersecurity in Today's Age
No ratings yet
The Importance of Cybersecurity in Today's Age
3 pages
Emerging Technology: Group Assignment
No ratings yet
Emerging Technology: Group Assignment
7 pages
Second From Last Security
No ratings yet
Second From Last Security
6 pages
Unit 01 Monitorización de Seguridad
No ratings yet
Unit 01 Monitorización de Seguridad
27 pages
TOP 10 Most Promising Cybersecurity CIO REVIEW 2018 1559223031
No ratings yet
TOP 10 Most Promising Cybersecurity CIO REVIEW 2018 1559223031
2 pages
Alfredo Reino
No ratings yet
Alfredo Reino
37 pages
Preparation of SWOT Analysis For Cybersecurity
No ratings yet
Preparation of SWOT Analysis For Cybersecurity
4 pages
Cyberark Customer Success Overview Ebook
No ratings yet
Cyberark Customer Success Overview Ebook
9 pages
Future of IT Security
No ratings yet
Future of IT Security
12 pages
Cybersecurity Full PDF
No ratings yet
Cybersecurity Full PDF
17 pages
NIra Minniefield Program Manager
No ratings yet
NIra Minniefield Program Manager
7 pages
Cyber Security
No ratings yet
Cyber Security
22 pages
Caching Solution For Save Isp Bandwidth
No ratings yet
Caching Solution For Save Isp Bandwidth
15 pages
Unit I Cyber Security
No ratings yet
Unit I Cyber Security
54 pages
Cybersecurity Full PDF
No ratings yet
Cybersecurity Full PDF
10 pages
Acisoguidetocybersecurityinaction .Cleaned
No ratings yet
Acisoguidetocybersecurityinaction .Cleaned
7 pages
Brochure - MIT - xPRO - Cybersecurity Professional Certificate - 28-07-23 V74
No ratings yet
Brochure - MIT - xPRO - Cybersecurity Professional Certificate - 28-07-23 V74
26 pages
121 Summary Worksheet - Wild Africa Technology
No ratings yet
121 Summary Worksheet - Wild Africa Technology
4 pages
PWC IDC Worldwide Leader Integrators and Consultancy in Cybersecurity
No ratings yet
PWC IDC Worldwide Leader Integrators and Consultancy in Cybersecurity
9 pages
Mcra December 2023
No ratings yet
Mcra December 2023
95 pages
A Recipe For Cyber Resilience in A Twenty First Century Ebook
No ratings yet
A Recipe For Cyber Resilience in A Twenty First Century Ebook
11 pages
The Path To AI Pave The Way For Powerful Cybersecurity AI With Integrated XDR and SIEM
No ratings yet
The Path To AI Pave The Way For Powerful Cybersecurity AI With Integrated XDR and SIEM
14 pages
Arridae Infosec PVT LTD
No ratings yet
Arridae Infosec PVT LTD
13 pages
Fortinet SOC Solution
No ratings yet
Fortinet SOC Solution
37 pages
Ch07 Information Systems Auditing and Controls
No ratings yet
Ch07 Information Systems Auditing and Controls
13 pages
Arista ETM Building A Cybersecurity Risk Assessment Plan E Book
No ratings yet
Arista ETM Building A Cybersecurity Risk Assessment Plan E Book
10 pages
Security Orchestration, Automation and Response Buyers Guide
No ratings yet
Security Orchestration, Automation and Response Buyers Guide
20 pages
A Complete Guide To Modernizing Your Security Operations Center - 15pg
No ratings yet
A Complete Guide To Modernizing Your Security Operations Center - 15pg
15 pages
Security On A Shoestring
No ratings yet
Security On A Shoestring
6 pages
Csol 560-Final-Assignment 7-Enterprise Information Security Risk Assessment-Aris Nicholas-4-17-2023
No ratings yet
Csol 560-Final-Assignment 7-Enterprise Information Security Risk Assessment-Aris Nicholas-4-17-2023
29 pages
Path To Cybersecurity AI
No ratings yet
Path To Cybersecurity AI
14 pages
ArcSight Express - Technical Presentation
No ratings yet
ArcSight Express - Technical Presentation
37 pages
Avasant Cybersecurity Services
No ratings yet
Avasant Cybersecurity Services
29 pages
Implementing Agile Security Response: The Essential Checklist
No ratings yet
Implementing Agile Security Response: The Essential Checklist
7 pages
DLP Plan Final Signed
No ratings yet
DLP Plan Final Signed
9 pages
Proficio Whitepaper CIO Guide Why Switch To A Hybrid SOC
No ratings yet
Proficio Whitepaper CIO Guide Why Switch To A Hybrid SOC
3 pages
MC Afee Security Solutions
No ratings yet
MC Afee Security Solutions
116 pages
Detail Report v0.1
No ratings yet
Detail Report v0.1
60 pages
Australian Energy Sector Cyber Security Framework (Aescsf) : Framework Overview 2022 Program - Minor Refresh
No ratings yet
Australian Energy Sector Cyber Security Framework (Aescsf) : Framework Overview 2022 Program - Minor Refresh
30 pages
Roadmap
No ratings yet
Roadmap
13 pages
WWW - Protectivesecurity.gov - Au: Protective Security Policy Framework
No ratings yet
WWW - Protectivesecurity.gov - Au: Protective Security Policy Framework
21 pages
Exploring: 06 Different Financial Models
No ratings yet
Exploring: 06 Different Financial Models
9 pages
Inl/rpt 23 74072
No ratings yet
Inl/rpt 23 74072
182 pages
WhyMFADemandsSSO PDF-1677610634
No ratings yet
WhyMFADemandsSSO PDF-1677610634
18 pages
1693972198648
No ratings yet
1693972198648
39 pages
Argent Research: Merger & Acquisition Modelling - Vertical Integration Model
No ratings yet
Argent Research: Merger & Acquisition Modelling - Vertical Integration Model
31 pages
Frost Radar - BAS 2022 - Picus Security
No ratings yet
Frost Radar - BAS 2022 - Picus Security
13 pages
1694698159387
No ratings yet
1694698159387
5 pages
Sri Lanka Succesfully Completes Its Domestic Debt Optimization. Here'S What It Means
No ratings yet
Sri Lanka Succesfully Completes Its Domestic Debt Optimization. Here'S What It Means
8 pages
10 Challenging Problems in Call Centers & How To Solve Them in 2023
No ratings yet
10 Challenging Problems in Call Centers & How To Solve Them in 2023
3 pages
Fta DG Digital Guardian Data Discovery Ds
No ratings yet
Fta DG Digital Guardian Data Discovery Ds
2 pages