Company Logo



50 Best Entrepreneurs to Watch in 2022

LARES – Providing Continuous Defensive Improvement through Adversarial Simulation and Collaboration

LARES – Providing Continuous Defensive Improvement through Adversarial Simulation and Collaboration

As it stands, your firm may not have the in-house expertise, time, or resources to prevent, detect and respond to rising cybersecurity threats. However, if you’re not building a solid “Defense-in-Depth” security strategy, it can create significant long-term gaps. Cybersecurity consulting services build a long-term, mature security roadmap that accelerates your security return on investment. Security consulting services can be the solution to the dilemma of minimal resources and time, providing the greatest value and knowledge to handle the latest cyber-attacks, threats, and vulnerabilities.

LARES is a cybersecurity consulting company that helps companies secure electronic, physical, intellectual, and financial assets through a unique blend of assessment, testing and coaching. They are committed to identifying the key assets of your unique business and creating a customized strategy to protect you in today's volatile business environment and beyond. The company's approach allows their clients to make informed decisions about their information security programs and effectively "secure what matters most." LARES maintains a comprehensive staff of highly qualified technical professionals around the world. Their consultants are professionally and institutionally trained in the field of Information Security. Each of their staff members have a proven track record with Fortune-ranked companies, ranging from financial institutions, retail merchants, health care organizations, major utilities, transportation companies, international distributors, research laboratories, higher education, and more.

Offering Revolutionary Cybersecurity Services for Enterprises

Penetration Testing: Penetration Testing (pentesting), is conducted to confirm the valid attack vectors of your organization. This process goes beyond simply identifying and validating vulnerabilities to full manual exploitation, mirroring a real-world attack. The Lares® engineers will gain initial access, attempt to elevate privileges, execute lateral movement, and leverage the access to perform post-exploitation activities. During this process, advanced tools and custom utilities will be used to maintain availability of the servers while showing the true impact and risk to your organization. A comprehensive report of findings and resolutions will then be delivered. Collaboration on how to leverage this report to improve support and security within the company is the top concern.

Applications’ Security Controls: Lares Business Application Security Control (image)With the evolution of technology making perimeter access devices more secure and the rise in the sophistication of e-business focused attacks, the security focus has shifted to the next battlefront—applications. Application security involves checking the security controls of an application, not the operating system or device that hosts the application. The security review is directly related to the applications that have been custom developed or built on top of other commercial applications. Application security testing does not involve looking at hosting software such as the web servers, but rather focuses on the application software itself. For example, for an application developed using Active Server Pages (ASP), using a Microsoft Internet Information Server (IIS) running on a Windows 2000 operating system, the focus of the application security testing would be the ASP application, and neither IIS nor Windows 2000 would be tested.

Incident Response & Management: Incident response and management provided by Lares® extends your ability to respond to physical and digital threats to minimize the duration, impact, and cost of a security breach. Their team’s experience, expertise, and background in dealing with IR situations—in addition to training within various government and military agencies—allows Lares to rapidly assess and respond to situations using several methods including OODA, NIST, and others.

Cloud Security Testing: Lares’ cloud services testing reflects their deep insight into tactics, techniques, and procedures (TTPs) leveraged by attackers across the three major clouds, Azure and Azure Active Directory, Google Cloud Platform (GCP), and Amazon Web Services (AWS) and Infrastructure, Platform, and Software service models (IaaS, PaaS, and SaaS, respectively). They possess significant expertise in the areas of configuration and architectural reviews, cloud attack methodology, and advanced persistent threat (APT) simulation. Lares, a leader in adversarial simulation and innovative research, understands this motivation well and has invested significant effort in cloud attack techniques to help customers outpace would-be attackers and secure their cloud migration and operation strategies.

Program Development & Maturity Modeling: Maturity modeling is a practice provided by Lares that is typically part of a consultative engagement. It takes both a subjective and objective look at where your organization thinks it is—compared to measured actuality. Lares works with you to ensure you maintain the momentum they encourage toward continuous improvement across all OT/IT and InfoSec disciplines. Their team will assist you with both instituting a program of change and maturity, as well as moving you from a reactive to active/proactive posture, while providing the metrics required reporting out to leadership and other controlling entities.

The Leader Upfront

Chris Nickerson is the Founding Partner and Chief Executive Officer of LARES. He has spent the last 23 years of his career leading, inspiring, and sometimes irritating, the security industry. Collaborating with a group of other InfoSec researchers, he founded the Penetration Testing Execution Standard (PTES), and is working with the Red Team Alliance Training Collective to create a certification for Red Team Testing.

"All of our consultants maintain accredited certifications to provide the highest degree of professionalism, ethics and technical expertise that our clients demand."


Business News


Recommended News



Most Featured Companies


Latest Magazines

© 2024 CIO Bulletin Inc. All rights reserved.