1.
New Offering 2013Cyber Security Check-up ServicesHow "healthy" is your cyber security program? When was the last timeyou checked? Do you have the resource and time to review your currentsecurity control processes?Marlabs Cyber Security Check-up Services

2.
1Introduction to Cyber Security Check-upServicesIn order to ensure your security program isoperating at peak performance at all times, itmakes sense to have certified trained expertsperform periodic check-ups.How "healthy" is your cyber security program?When was the last time you checked?Do you have the resources and time to reviewyour current security control processes?Marlabs Cyber Security Check-up Servicesprovides your organization with focused,detailed, advisory reports that include:assessment, reviews, and recommendedcorrective action plans of your security controls.If you choose; Marlabs will even perform thecorrective action steps for you and/or assistyour IT/Security staff in doing so.Our Cyber Security Check-up Services include: Firewall Security Check IDS/IPS Assessment & Tune-up Business Partner & Vendor Security RiskAssessment Planning Secure Disposal Planning Employee Security Awareness ProgramDevelopment Security Awareness Testing: SpearPhishing Social Engineering Scans Mobile Device Security Assessment Cyber Security & Performance MonitoringWe also provide Security Staff Augmentation ina multitude of cyber security disciplines.Firewall Security CheckService Includes: Assessment of Firewall Security PolicyThis involves the review/testing of thefollowing:o Policy review & testingo Rule-set & mplementation Approacho Maintenance & Managemento Physical Security of FirewallEnvironmento Information Security Policy Firewall Administration Access:o Access to the Platformo Platform Operating System Buildso Failover Strategieso Logging Functionality..o Security Incidentso BackupsIDS/IPS Assessment & Tune-upService Includes: Fine Tune Security Capabilitieso Information Gathering & Loggingo Detection & Prevention Managemento Implementation Reviewo Operation and MaintenanceBusiness Partner and Vendor RiskAssessment PlanningService Includes the review of vender security inthe following security area domains: Organization Employee Security Focus Change, Identity, & Event Management Network, Application, & System Security

3.
2Secure Disposal PlanningService Includes Information Sanitization &Disposition Decision Making: Information decisions in the system lifecycle Identification of the need for mediasanitization Determination of security categorization Reuse & Control of media Sanitization and disposal decisions Verification Methods Review, develop, and/or revisedocumentationEmployee Security Awareness ProgramDevelopmentService Includes: Designing Awareness & Training Programso Structuring Client Awareness & Trainingo Conducting Needs Assessmento Developing Strategy and Plano Establishing Prioritieso Addressing Funding & Training Developing Material Implementing ProgramsSecurity Awareness Testing - SpearPhishing Leverage NEXPOSE SOCIAL SCAN Perform variations of Spear-phish attacks Produce results report Recommend corrective actionsSocial Engineering ScansExploit the Following Threat VectorsMobile Device Security AssessmentService Includes: Wireless Scan Mobile Device Strategy Assessment Mobile Device Security Control Domaino Mobile Asset Inventoryo Mobile Device Provisioningo Mobile Software Distributiono Mobile Security Managemento Mobile Device Protectiono Monitoring and Help Desk Supporto Managing Diversity of MobilityPlatformsServicesGather IntelligenceEstablish TrustExploit TrustUse InformationVectors PhonePersonalOnlineTrashReverse

4.
3Cyber Security & PerformanceMonitoring Tiger TeamService Includes:Red Team Methodology: Information and Intelligence Gathering Threat Modeling Vulnerability Analysis and Exploitation Risk Analysis and Quantification ReportingCyber Security Staff AugmentationService Includes:Cyber Security Workforce FrameworkSpecialty Areas Include: Securely Provision: Concerned withconceptualizing, designing, and buildingsecure IT systems Operate & Maintain: Responsible forproviding support, administration, andmaintenance necessary to ensureeffective and efficient IT systemperformance and security Investigate: Responsible forinvestigation of cyber events or crimeswhich occur within IT Systems andnetworks Collect and Operate: Responsible forthe investigation of cyber events orcrimes which occur within IT Systemsand networks Analyze: Responsible for highlyspecialized and confidentialinformation that may developintelligence Oversight & Development: Providecritical support so others may conducttheir cyber security workMarlabs Inc. One Corporate Place South, Piscataway NJ 08854For more information, please call us at +1(732)-694-1000 or email us at sales@marlabs.comwww.marlabs.com© Copyright 2013 Marlabs Inc. All rights reserved.Due to specific non-disclosure agreements in force, project references andfurther details can be provided only on request.SecurityProvisionAnalyzeOperate &MaintainSupportOperate &CollectProtect &DefendInvestigate