SECURITY-new draft

Strengthen and improve your security practice.

Security Services

Make the most informed security decisions you can for your organization with confidence – confidence to defend against attackers with the tools at hand, address security and compliance concerns, and pass audits and assessments. We can help your organization validate your security posture through offensive security-focused services such as complex adversarial simulations, network penetration testing, application security assessments, insider threat assessments, vulnerability research, continuous security testing, virtual Chief Information Security Officer (CISO) services, and coaching.

Vulnerability Assessment

The vulnerability assessment consists of network host discovery, information gathering, scanning hosts at the network-layer and application-layer with industry leading commercial tools in search of thousands of vulnerabilities, and expert-level analysis. The vulnerability assessment can also include various types of optional testing such as authenticated scanning, user privilege escalation, and password cracking.

Penetration Testing

A penetration test, also known as a pen test, goes beyond simply identifying and validating vulnerabilities—it is a full, manual exploitation; one that mirrors a real-world attack. The process involves an active analysis of the system for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker and can involve active exploitation of security vulnerabilities.

Social Engineering

Measure end-user response to phishing, spear phishing, spam and other email threats.  Even the most effective layered technical security architecture simply isn’t enough to prevent the compromise of confidentiality, integrity and availability no matter the threat vector.   The term “social engineering” has been used for years by hackers to describe the technique of using persuasion and/or deception to gain access to information systems.

Why Choose Drummond?

Security Expertise

Everyone on the Drummond team has extensive experience in building security programs and we will help you improve your security programs.  From vulnerability scans to pen testing and social engineering, our team will help you make informed decisions about your information security program and build processes and practices with you to protect what matters most to your organization.

Compliance Leader

With over 20 years of experience, we offer a comprehensive suite of services to help you achieve compliance with complex regulatory information security mandates including HITRUST, HIPAA, PCI, SOC, ISO 27001, NIST and GDPR.

Proven Partner for Success

Drummond offers personalized services that are proven to help you strengthen your security posture.  Experience our team of highly skilled experts ready to collaborate with you and your team. Increase trust, gain expertise and experience our proven methodologies and attention to detail as we partner with you for your long-term success.

Looking for more?

Our strategic cyber security partner provides continuous defensive improvement through adversarial simulation and collaboration, helping your business protect what matters most.  Together, we bring world-class cybersecurity and compliance together to serve your business in such a way that you’re inspired to achieve success beyond what you believe possible. Talk to us and find out what our partner can do for you.

Application Security – With the evolution of technology making perimeter access devices more secure and the rise in the sophistication of e-business focused attacks, the security focus has shifted to the next battlefront—applications.

Security Consulting – With countless years of global-security management and expertise, our security partners offer a wide range of consulting services from risk and compliance services to customized coaching plans to increase and grow your security programs.

Red Teaming – Red Teaming is a full-scope, multi-layered attack simulation designed to measure how well a company’s people, processes, and technologies can withstand an attack from a real-life adversary.

Purple Teaming – Penetration Testing goes beyond simply identifying and validating vulnerabilities—it is a full, manual exploitation; one that mirrors a real-world attack.

Physical Security – The process begins with a characterization of the facility including identification of the undesired events and the respective critical assets. Guidance for defining a design basis threat is included, as well as for using the definition of the threat to estimate the likelihood of adversary attack at a specific facility.

Incident Response – Providing expert resources to assist in you in the case of breach mitigation, irradiation, and resolution when you have suffered from a cyber-attack.

The People of Drummond
are here to help!

Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your Privacy preferences. It is worth noting that blocking some types of cookies may impact your experience on our website and the services we are able to offer.

Click to enable/disable Google Analytics tracking code.
Click to enable/disable Google Fonts.
Click to enable/disable Google Maps.
Click to enable/disable video embeds.
Our website uses cookies, some from third-party services. Define your Privacy Preferences and/or agree to our use of cookies.