Services Provided by Shadow Analytics
Shadow Analytics was started by Dan Jones after working with a number of Utah-based medium-sized businesses needing clear direction on how to build out a right-sized security team. Researching open-source security and data-driven security programs is our main focus and something that we share whenever we can. Practical application of the research that we do often leads us to work with small or medium-sized businesses or startups. Shadow Analytics is also dedicated to helping reduce the complexity of creating a comprehensive cyber security program. As such, we offer a number of services to our clients.
Incident Response and Forensics
Often we start helping organizations move to a more data-driven program as the result of an incident response engagement. Today malware and ransomware pose a serious threat to most small to medium-sized businesses. Unfortunately, many of these businesses learn the importance of a cyber security program first-hand after being the victim of an attack. Shadow Analytics' natural threat-focused and data-centric approach to security often allows us to assist where little or no security-specific data sources exist.
Security Data Governance (including SIEM tuning and SOC architecture)
Collecting, enriching and acting on security events doesn't happen naturally. Shadow Analytics is able to provide consulting and engineering resources to build out a security data warehouse, tune security models and detections in your SIEM or help better integrate a SOAR into your existing tools. Better yet, we are happy to help build out an open-source SIEM/SOAR platform custom made for your organization. Additionally, we can work with your SOC on ways to better handle alert fatigue, increase analyst enrichments or train advanced SOC analysts on threat hunting, forensics, and more.
Security Intelligence
Organizations with a more mature security program often find it helpful to have a fresh pair of eyes look at the threats facing their organization and their ability to address them. Shadow Analytics can help organizations take historical security event data and map these events to the likely threat actors, their motivations and then security controls to address the related threats. By taking this approach Shadow Analytics helps organizations invest in areas that will measurably increase the security of their organization relative to the threats most relevant to their organization.
Virtual CISO
Building out a security program with a solid foundation of security practices takes experienced leadership. Shadow Analytics can provide guidance for your security program by outlining essential first steps and growth plans based on business objectives, and then help find and train the right talent in your organization to make security a reality.
If there are other security needs that your organization faces, we would be happy to see what we can do to lend a hand. We also partner with a number of other subject matter experts who can likely lend a hand if we are unable to assist.