SERVICE CATEGORIES

Elite's service categories help customer organizations consider the various people, process, and technology factors that go into prioritizing and planning the security and privacy work needed for their organization.

Service provider agencies have varied offerings that fall into one or multiple categories.  When a customer organization submits a Service Provider Search request, they are asked to provide the general category that aligns most closely to what they need to do.

Proactive services help customers mitigate unrealized risks, reducing the likelihood and impact of potential security and privacy events.

People 

  • Executive level buy-in and participation
  • Creating a security and privacy-focused culture
  • Training and awareness (general, role, and scenario-based)

Process 

  • Audits and remediation of findings
  • Incident response plans and drills
  • Risk assessments and remediation of findings
  • Critical data and asset identification
  • Mapping data to key control areas

Technology

  • Secure engineering practices (SDLC)
  • Reviewing source code for vulnerabilities prior to release
  • Patching key systems as updates become available

Reactive services help customers effectively respond to a real or perceived security or privacy incident - reducing potential for operational, financial, and reputation-based harm.

People 

  • Incident response (workforce mobilization and incident containment)
  • Incident response (management of incident, response, support, and PR)

Process 

  • Training and awareness (update key training with lessons learned)
  • Forensics analysis and investigation (images and evidence)
  • Key control updates (non-technical)

Technology

  • Cryptographic review
  • Systems scanning, removal of malicious code, containment
  • Systems analysis
  • Key control updates (technical)

Managed services help companies with persistent, ongoing threat management.

People 

  • Ensure board and executive staff are aware of security program progress
  • Make progress visible and relevant through appropriate use of BI, analytics, and dashboards
  • Perform ongoing penetration testing for people-based scenarios (phishing, tailgating, social engineering, etc.)
  • Perform daily maintenance activity and system admin functions (add/remove system users, patch systems, etc.)

Process

  • Governance
  • Risk Management
  • Compliance

Technology

  • Perform ongoing penetration testing for technology-based scenarios (core systems, web applications, network, configuration, etc.)
  • Perform security event monitoring and alerting
  • Run anti-malware software and services
  • Perform firewall management
  • Patch key systems as updates become available

Candidate search helps hiring organizations find the right expert for open positions using multi-dimensional skill and profile data inputs.

  • Ecosystem is dedicated to security and privacy job placement

  • Roles vary from common to specialized

  • Hiring organization needs are mapped directly to expert capabilities

  • Hiring organizations can upload job postings to be viewed by job candidates

  • Job candidates can upload resumes to be viewed by hiring organizations