Services

Get a real-world look at how attackers could exploit your vulnerabilities—and guidance on how to stop them—with our pen testing services. Knowing your vulnerabilities—and the ways in which attackers could exploit them—is one of the greatest insights you can get in improving your security program. Mac Jason Consult’s Penetration Testing Services team will simulate a real-world attack on your networks, applications, devices, and/or people to demonstrate the security level of your key systems and infrastructure and show you what it will take to strengthen it.

The best way to stop attackers is to think and act like an attacker. Which is why, unlike many security firms, we hire experienced security professionals who can think and act like bonafide hackers. Our experience include but not limited, ATM hacking, multi-function printer exploitation, automobile keyless entry attacks, endpoint protection bypass techniques, RFID cloning, security alarm system bypass. To stay perpetually one step ahead of attackers, our testers devote 25% of their time to conducting research and contribute to the security community, publishing articles, presenting at conferences, developing and releasing open source testing tools.

In addition to the Open Source Security Testing Methodology Manual (OSSTMM) and the Penetration Testing Execution Standard (PTES) Mac Jason Consult’s application penetration testing service leverages the Open Web Application Security Project (OWASP), a comprehensive framework for assessing the security of web-based applications, as a foundation for our web application assessment methodology.

As the widespread use of mobile applications continues to grow, consumers and corporations find themselves facing new threats around privacy, insecure application integration, and device theft. We go beyond looking at API and web vulnerabilities to examine the risk of the application on a mobile platform. We leverage the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), and Penetration Testing Execution Standard (PTES) methodologies to thoroughly assess the security of mobile applications.

Internet-aware devices span from ubiquitous, commercial Internet of Things (IoT) devices and systems to automotive, healthcare and mission critical Industrial Control Systems (ICS). Our testing goes beyond basic device testing to consider the entire ecosystem of the target, covering areas such as communications channels and protocols, encryption and cryptography use, interfaces and APIs, firmware, hardware, and other critical areas. Our deep dive manual testing and analysis looks for both known and previously undiscovered vulnerabilities.

Malicious users are often more successful at breaching a network infrastructure through social engineering than through traditional network/application exploitation. To help you prepare for this type of strike, we use a combination human and electronic methodologies to simulate attacks. Human-based attacks consist of impersonating a trusted individual in an attempt to gain information and/or access to information or the client infrastructure. Electronic-based attacks consists of using complex phishing attacks crafted with specific organizational goals and rigor in mind. Mac Jason Consult will customize a methodology and attack plan for your organization.

Want to focus on your organization’s defense, detection, and response capabilities? Mac Jason Consult works with you to develop a customized attack execution model to properly emulate the threats your organization faces. The simulation includes real-world adversarial behaviors and tactics, techniques, and procedures (TTPs), allowing you to measure your security program’s true effectiveness when faced with persistent and determined attackers.

We leverage the Open Source Security Testing Methodology Manual (OSSTMM) and the Penetration Testing Execution Standard (PTES) as a foundation for our wireless assessment methodology, which simulates real-world attacks to provide a point-in-time assessment of vulnerabilities and threats to your wireless network infrastructure.

Take control of your vulnerability management program with help from the experts. Our Managed Services team can help you get one step closer to your fantasy of a well-managed and ever-evolving vulnerability management program, without the need for in-house hires. Our experts are here to help you quickly leverage your security program investment by handling the operational requirements of vulnerability scanning and/or application security for you. Our Vulnerability Management Services offer regular assessments and concise reporting, enabling higher productivity and saving you time and money.

Let our experts run Nessus or Qualys Vulnerability scanners for you. Mac Jason Consult’s Managed Vulnerability Management team can help you quickly leverage your investment in Nessus or Qualys Vulnerability scanners – and increase productivity while saving time and money – by handling the operational requirements for you.

Get the most from Nessus or Qualys Vulnerability scanners. Your vulnerability management program needs daily attention and regular analysis to raise your security posture to its fullest potential. Our Managed Vulnerability Management team will fill in for you when you don’t have in-house skills or resources.

Free up your team

Our Managed Vulnerability Management team can handle the configuration, scanning, and reporting for you, so that your team doesn’t spend extra time getting trained or offloading other important initiatives.

Reduce your operational overload

Our Managed Vulnerability Management team can handle the configuration, scanning, and reporting for you, so that your team doesn’t spend extra time getting trained or offloading other important initiatives.

We understand the challenges security teams face managing both sides of the breach. And we're here to help. Mac Jason Consult's detection and response services will help you keep a keen eye on your network's activity and ensure you have the right plan in place to respond when someone gets in or tries to get in.

​Accelerate your incident investigation and containment. Mac Jason Consult Incident Response services give you access to the experience and technical expertise you need to accelerate your incident investigation and containment. Leveraging the most advanced Artificial Intelligence (AI) tools in combination with our in-house expertise, our clients have noticed an increased accuracy of threat detection and enhance network visibility. Our teams will work closely with your in-house teams to cover every stage of incident response, from analysis and detection right on through containment, remediation, and cleanup.

Mac Jason Consult's expert incident responders have conducted over 2,000 combined incident responses and have experience in responding to compromises of all sizes and severity. They complement their backgrounds in threat and network forensics and malware analysis with Mac Jason Consult–specific technology for rapid analysis and incident scoping.

Rapid and complete response
From response through remediation and clean–up, you'll have a single point of contact who is ultimately responsible for coordinating, communicating, and reporting on every aspect of incident response activity. Our incident response services include all aspects of threat detection, documenting findings, and collaborating to devise appropriate remediation activities.

Monitor and hunt attackers in your environment—with a little help from an army of cyber guardians. You’ve got valuable data. Naturally, other people want it. Organized criminals. Nation states. Someone just trying to prove a point. The list goes on and on. But do your resources
With Mac Jason Consult Managed Detection and Response services, finding the time, talent, and technology to expertly detect and respond to breaches isn’t your problem—it’s ours. That’s right: Our team will provide 24/7 detection and response in your environment. Which means your organization can finally have everything it needs to stay safe, without actually taking on anything more. Just think of us as your army of cyber guardians.

Many Security Operations Centers (SOCs) only focus on known threats, which means as threats evolve, incidents can go undetected and unmitigated for months or even years, allowing attackers to get comfy within an environment and wreak havoc. To detect and respond to both known and unknown threats quickly and thoroughly, Mac Jason Consult Managed Detection and Response team members combine their personal expertise with our leading incident detection and user behavior analytics technology, our cyber AI platform uses unsupervised machine learning to analyze network data at scale, and makes billions of probability-based calculations based on the evidence that it sees. Instead of relying on knowledge of past threats, it independently classifies data and detects compelling patterns.

Develop an incident response plan focused on threat detection and response.
Want top-notch threat detection and incident response capabilities? Then you need a top-notch program to support them. Mac Jason Consult's Incident Response Program Development service will help you determine the people, process, and technology necessary to ensure your organization can move with speed and purpose in the event of an incident.
We'll kick things off with a thorough security audit of your existing incident response processes and tools, and provide a scorecard highlighting your areas of strength and weakness. By the end of the assessment phase, you'll understand how your current incident response plan stacks up against best practices and see where you need to up your game.

Applying what we discovered in our assessment, we'll develop a new incident response plan that includes guidance on prioritization, technical response, and communications plans. Mac Jason Consult can also work with you to create a roadmap detailing your current and future state with actionable steps to achieve your program goals. Our teams have experience working with organizational leaders to select the appropriate tools and technology and building the collateral to help these leaders champion effective incident response plans to the broader organization.

You know that dream where you're the star of the play, but don't know any of your lines (and also aren't wearing pants for some reason)? Forget it. We'll work with your breach response teams to adequately rehearse your incident response plan via one or more incident response simulations, ensuring they're ready for the spotlight when the time comes.
To continue putting your defenses to the test on a regular basis, consider using Mac Jason Consult's penetration testing services quarterly or annually.

Assess your current conditions and analyze your gaps to identify clear steps to a stronger security program.
Finding the insight necessary to evaluate your program, determining which initiatives to prioritize, moving with speed—when developing or evolving your security program, doing it alone can feel like an insurmountable challenge. Mac Jason Consult applies our extensive expertise in cybersecurity and security program development to customize a cybersecurity program that is just right for your organization.

Before you can evolve your security program, you need to know where it stands. That's why we created our CSMA service. Our experienced team will help you:

We perform a thorough evaluation of the current state of controls and gain an understanding of the organizational risk appetite and business objectives.

Industry best practices are compared to your organization’s current controls and optimal changes are identified to build a relevant, actionable, and sustainable security program.

Customized around your particular threats, risk appetite, and business goals, our program development engagements take a holistic view of your organization and the need to align with various standards such as CIS Critical Security Controls, ISO, NIST, HIPAA, PCI DSS, and various maturity models.

Whatever your organization’s security needs, our experts will help you build out process and collateral to run any facet of your security program.
For organizations lacking the right people, processes, and technology to develop and advance their security programs, don’t worry—we’ve got you covered. Mac Jason Consult offers an assortment of full-service programs tailored to your unique business needs, size, and risk, and designed to make your security program relevant, actionable, and sustainable.