Get an Overview Today

Enterprise Cyber Security & Penetration Testing Experts

Who are we ...

Primary Area of Expertise:

  • Offensive Cyber Security Strategies - "Assume Breach"
  • Penetration Testing with Adversary Threat Simulation
  • Active in the Cyber Security Community

Service Disabled Veteran Owned Small Business

Full Stack Cyber Security Provider

Vulnerability Assessments (VA) − Independent expert review for a diverse set of potential vulnerabilities across a wide range of technologies.

  • Penetration Testing

  • Vulnerability Assessments

  • Vulnerability Research Exploit Development

  • Open Source Data Collection

  • Phishing

  • High Value Targets

  • Incident Response Testing

  • Incident Handling

  • Incident Response

  • Network Monitoring

  • Log Collection / Correlation

  • Threat Intelligence

  • End Point Protection

  • Automated Response

  • Policy / Consulting

  • Web Application Assessment

  • Software Assessment

  • Manual & Automated

Certifications

Company

ISO 9001:2015

Professional/Technical

  • OSCP, OSCE
  • CISSP, CSIM
  • CEH, Sec+
  • Splunk Certified Consultant I, II
  • Splunk Architect
  • GIAC – GCIH, GREM, GPEN, GSEC

Our Influences . . .

Developed the US Army's Threat Emulation (Cyber OPFOR), to simulate Cyber Attacks while Combat Arms units trained during War Games.

Created the Pentagon's Vulnerability Research & Exploit Development (VRED) Credited with 14 CVEs

Pentagon Red Team DHS NCCIC/NCATS Commercial Financial Sector

Pentagon PENTCIRT DHS ENTERPRISE SOC DHS CBP SOC United States Cyber Commmand Commercial SOC as a Service

Presentations at Security Conferences Training (Personalized) Blogs Software Sharing (GitHub)

Defense in Depth - Assume Breach Methodology

Products

Skillwerks is an on demand assessment platform to demonstrate individual computer skills and competencies.

SPLUNK Engineering

Splunk− Delivering & Developing powerful operational intelligence by providing real-time insight into your information systems through dashboards, charts, reports, and alerts.

  • Security & Compliance
  • Implementation
  • Operation Analytics
  • Assess & Design
  • Cloud
  • Development & Administration

Vulnerability Assessments Solutions

Vulnerability Assessments (VA) − Independent expert review for a diverse set of potential vulnerabilities across a wide range of technologies.

  • Assessment of adequacy and effectiveness of system security control measures

  • Evaluation of multiple technologies including:

  • Network & Operating Systems

  • Applications (Web & Thick Client)

  • Databases

  • Vulnerability

  • Threat

  • Asset

Penetration Testing Solution

Penetration Testing (PT) − Implementation of proven testing methodology and lifecycle emulating modern threats

  • Independent assessment of systems using perspective of external malicious attacker and informed insider
  • Assessment of business impact and access to organizational vulnerabilities (technical/non-technical) of successful attack
  • Test perimeter defenses, internal attack mitigation defenses, and information security detection and response capabilities

Application Security Assessments Solution

Assessment of security posture of 3rd party or custom developed applications across a wide range of operating platforms and attack perspectives.

  • Web Application Vulnerability Assessments/Penetration Tests
  • Mobile Device Application Testing
  • Application Vulnerability Assessments
  • Vulnerability Research & Exploit Development

Credited with over 15 CVEs for discovered vulnerabilities

Social Engineer Assessments Solutions

Impact analysis of a successfully executed social engineering campaign in a controlled environment

  • Open Source Intelligence/Information Gathering (OSINT)
  • Spear-Phishing, Pretexting Campaigns
  • Non-Technical Tests including Baiting, Tailgating, Dumpster Diving, among others
  • Training

Red Team Assessments Solutions

Emulation of advanced attack profiles (e.g., nation-state, highly funded criminal organization, Hacktivism)

  • Assessment of advanced defense and detection capabilities

Insider Threat Program

Identifies potential ways an insider could threaten your organization

  • Know what is at stake
  • Align insider threat with business continuity
  • Know your critical systems
  • Trust but verify
  • Prevent breaches

Cyber Hygiene (CyHy)

Gray Tier’s own developed variety of proactive services which evaluates an organization’s external security posture

  • Open Source Intelligence/Information Gathering (OSINT)
  • Spear-Phishing, Pretexting Campaigns
  • Continual Vulnerability Identification
  • Dark Web, Credential Leaks, Domain Masquerading

Security Operations Center as a Service (SOCaaS) Security Information and Event Management(SIEM)

Gray Tier

Contact us for an overview of our capabilities and examples of how clients have benefited from our consultation.

Get an overview today
Gray Tier Technologies

Founded in 2014, Gray Tier Technologies provides technology consulting services focused on solving the toughest cyber security challenges faced by government, commercial, and military organizations.

Connect with Us
Resources
Newsletter
Get our latest updates straight to your inbox!
© 2021 Gray Tier Technologies, LLC. All rights reserved.
Designed and powered by WebriQ.