ID#11CO0004 Last Modified 07.22.2011

© 2011 FishNet Security. All rights reserved.Corporate Headquarters 1710 Walnut St. Kansas City, MO 64108 • 888.732.9406

Securely Enabling Business

FishNet Security is a national information security solutions provider.By leveraging our lines of business and practices, we enable our clients to:

• Manage Risk• Achieve and Maintain Compliance• Improve Operational Efficiencies and Security Effectiveness

Security Technology Infrastructure Security Integration 24x7 Support

MSS Training Information Assurance Staff Augmentation

• Multiple Technologies for Each Security Initiative with Over 150 Manufacturing Partners• Client Focused Solution Evaluation and Selection• Efficient Negotiation and Procurement

• Routing, Switching, Transport Network Architecture Assessments and Roadmaps• Augmented Resources in the Design, Installation, Management and Maintenance of Communications Network• 24x7 Support• Staging and Configuration by Certified Engineers - Dedicated Service Provider Practice

• Security Architecture Review• Proof of Concept• Wireless Design, Site Surveys & Implementation• Remote Access Solutions• Public Key Infrastructure (PKI)• VOIP Infrastructure Review• Security Product Architecture, Design & Implementation• Mobile Architecture Review

• Manufacturer Certified & Audited• Multi-Vendor Product Support• Flexible Support Programs & SLA’s• Cost-Effective Bundles• Proactive Support Web Portal• Professionally-Staffed SOC• 24x7x365 Availability

• Co-Managed/Fully Managed Service Levels• Secure MSSP Web Portal• Client-Focused Dashboards• Security-Focused Expertise• Hardware and Software Lifecycle Management• SIEM• Firewall• IPS

• SSLVPN• Vulnerability• Authentication

• Classroom Training• Remote Live Training• Onsite Training• eLearning• End User Awareness Content• Vendor Certifications• 20 National Authorized Training Centers (ACTs)

• Governance, Risk & Compliance• PCI Compliance• Security Assessment• Application Security• Data Security & Privacy• Incident Management• Network Security• Mobile Application Assessments• Mobile Forensics

• Interim CSO Staffing• Security Administration• Outsourced Operations• Compliance Remediation (PCI, HIPAA)• Policy Review & Development

ID#11CO0004 Last Modified 07.22.2011

© 2011 FishNet Security. All rights reserved.Corporate Headquarters 1710 Walnut St. Kansas City, MO 64108 • 888.732.9406

Consulting PracticesOur experienced professionals hold numerous certification designations, including CISSP, CISM, CISA, ISO Lead Auditor, PCI QSA, PCI PA-QSA, NSA-IAM, OSCP and countless product-focused certifications. FishNet Security’s consulting team consists of seasoned security technical consultants, former Big Four professional services firm consultants, real-world industry practitioners and corporate security program directors. FishNet Security’s thought leadership in the security community is frequently featured in numerous publications and national conferences.

FishNet Security offers unparalleled project management, customer service and report deliverables with every engagement. FishNet Security’s commitment to information security excellence spans across the practices and specific offerings below.

Governance, Risk & Compliance• Security Program Review• Business Partner Assurance• Security Policy & Program Development• Business Continuity Planning• Physical Security Review• GRC Framework Development• GRC Technology Evaluation & Selection• GRC Integration• GLBA, NERC, HIPAA and ISO Advisory Services

PCI Compliance• PCI Pre-Assessment• PCI Executive Workshops• PCI ROC Audits• PA-DSS Audits• PCI ASV Scanning• PCI Remediation

Network Security• Security Architecture Reviews• Product Implementations• Technology Proof-of-Concept• Firewall Rule Review• Technology Consolidation Roadmaps

Incident Management• Incident Response• Digital Forensics• Incident Response Risk Assessment• IR Table Top Exercises• Visa Qualified Incident Response Assessor (QIRA)• MasterCard Qualified Forensic Investigator (QFI)• PCI SSC Forensic Investigator (PFI)

Application Security• Application Security Assessments• Source Code Review• Database Security• Secure Code Training for Developers• Threat Modeling• Secure SDLC Review & Development• Mobile Application Assessment

Mobile Security• Mobile Security Roadmap• Mobile Security Policy Development• Mobile Application Security• Mobile Vulnerability• Mobile Device Management• Mobile Device Remote Access• Mobile Security Awareness Training• Mobile Forensics

Data Security & Privacy• Data Security Assessments• Data Leakage Protection• Data Classification• Data Flow Analysis

Security Assessments• Vulnerability Assessments & Penetration Testing• Enterprise Assessments• Wireless Penetration Testing• Social Engineering