Our security consultants comprise one of the most experienced teams in the business. Our consultants have performed more than 200 security projects for the public and private sector, including the Intelligence Community, and 8 of the 10 largest financial institutions in the world. We build client-specific strategies using our own security processes and methodologies, which we continually refine and update.

Our consultants provide government clients with a full range of security and privacy services to help them meet the challenges they face as they expand their online presence. With the move toward digital government, security requirements increase exponentially. We can help with all aspects, including

  • Policy Writing
  • Network and Application Security Assessments
  • Industry-Standard Compliance
  • Security Requirements
  • Gap Analysis
  • Developer Training
  • Security Product Implementation


Automated tools are only a small part of what we use to perform security assessments. Our security specialists carefully study how the application works and identify risks and vulnerabilities that cannot be detected by automated scanners. A thorough examination of how the developer built the application, along with our in-depth experience in application development and hacking techniques, allow us to apply real-world scenario experience that would be common in actual attacks by cyber criminals.



Did you know that a flaw in Facebook could lead to a compromise of your internal systems and data?

We can perform a thorough assessment of the transactional elements of your web or mobile applications, so that you can mitigate risks posed by vulnerabilities in internal and external applications. An insecure transactional web or mobile application can lead to negative press, liability, privacy issues, compliance violations, financial loss due to unavailability or outright theft and fraud. Our proven processes and methodologies allow us to detect a variety of application vulnerabilities.


A Network Security Assessment is a real-time, real-world assessment of your organization for Internal (Intranet) exposure to malicious employees and contractors, network perimeter and exposure to the Internet or partner networks. These are manual assessments performed by an experienced security consultant.


Enterprise Security Assessments identify vulnerabilities and allow the real threats to be understood. There are more attack vectors and intangible risks than any budget can address. Enterprise assessments allow you to know your environment, learn who or what can most affect your data and uptime, and give you a clear understanding of how to budget your IT dollars.

Our security consultants have years of experience working with the highest levels of our clients’ management teams. We guide clients like you through a complex security environment to find the best possible outcomes for your organization.

QSA Security

Security works best if treated as a program that is continually improved, and not only as a checkmark on a compliance report. Our Security Assessment Roadmap consultant will analyze current information-security states and compare them to practical starting points tailored to your business needs.

Next, we work with you to outline the steps for creating a sustainable information security program. Our goal is to identify the priorities that will pay the highest dividends for your organization.

The resulting Security Assessment Roadmap will identify and recommend high-priority security projects for the next three to five years, with year-one projects being those that meet your most immediate security needs or serve as the foundation for a comprehensive security program.


We are committed to helping organizations achieve end-to-end accessibility in their websites, so that people with disabilities, technology limitations and reading restrictions can use the web. Our Web Accessibility Consulting Services include audits, training and web development/remediation services.

Our audits are conducted against a set of standards, such as Section 508 or the Web Content Accessibility Guidelines 2.0, but we can also test and report against a combination of these and combine criteria where they overlap. In addition, we include specific organization or federal standards where required.