SECURITY CONSULTING

Click below to see more information and then click on the image to go to the selected page.

Looking for adding new detection technologies to your security products?
It can be:
– scanning engine
– threat intelligence feeds
– URL sources
– OTS security products and whitelabel products : antimalware, VPN, system optimizers, password managers and many more
– browser add-ons
– SDKs
It makes no sense to go and try the few thousand on the market.
We have over 20 years experience in building security products.
We will analyze your products, we will measure your goals and define together a strategy to add the right one to your security portfolio.

If you want to be successful, you need to know the special requirements of an antivirus product and how to overcome them.

Additionally, it is no use if you build a great product and nobody knows about it. So, you need to know how to advertise the product without becoming a scareware product.

Classical AV products block scareware products by default, the initiative is backed up by Microsoft and AppEsteem.

Here are some things you need to do *right*:

  • Create the product the right way in order to allow you to expand it without rewriting it
  • Build the security features needed
  • Obtain the required certifications
  • Prepare your product for external AV testing with known companies
  • Prepare your USPs, fact-sheets, comparison sheets
  • Create a Go-To-Market strategy
  • Release your product the right way

The goal of technical due diligence (TDD) are:

  • identify how well an acquisition target’s organization and technology assets meet the acquisition goals
  • inform the valuation process (what the acquirer will pay for the company or assets)
  • identify risks due to intellectual property issues, capability gaps in the technology assets and/or organization
  • ability to support the go-forward business goals including post-acquisition integration of organization and assets.

A review of the Architecture and Design of the technologies means:

  • Evaluation of developing technology focuses more on the capabilities, strengths, and weaknesses of an engineering and/or product development organization to establish a baseline against current best practices and to develop recommendations for improvement.
  • An evaluation of current technology investigates the strength of an existing solution, evaluating the choice of technologies, appropriate use of frameworks and patterns, and how well the design considers and addresses functional and non-functional requirements.

Services offered

  • Secure Software Requirements
  • Secure code development guidelines
  • System design pattern development
  • Secure code development throughout software release cycle
  • Research and realization of proof of concept for special projects in IT Security area
  • Research, planning, product and project management and implementation of special software
  • On demand cross platform, Windows, Unix, Mac software development
  • Innovative Business Ideas/Solutions
  • Windows & Web based Development
  • Software Testing
  • Software / Application maintenance & support
  • Development of Apps for Android and iOS

We have excellent hands-on experience in the latest technologies and programming languages. Note that we consider that the programming language is less important than the result!

Sorin Mustaca (CSSLP, Security+, Project+) is a cybersecurity expert and entrepreneur, having devoted his entire career in building better cybersecurity products.

He has a software engineering background and over 20 years experience in Software Engineering and Product Management with focus on IT Security.

Sorin is helping companies producing security software (firewalls, antivirus/antimalware products, UTMs and others) to build better security software in a secure way.

Product and Project Management for Software projects:

  • Define product development and release processes or optimize your current processes that meet your needs
  • MRDs (Market Requirements Documents), PRDs (Product Requirements Documents) and define products
  • Give engineering teams clear, concise actionable information in a language they understand about customer needs (convert an idea in user stories they can deliver)
  • Prioritize user stories and feature sets into “Must Have”, “Nice to Have” and “Next Release”
  • Develop short-term and long-term product roadmaps
  • Capture, analyze and prioritize all requirements
  • Help and guidance to delivery estimates (waterfall like) or use agile software development methodologies to incrementally deliver value to your customers (using Scrum)
  • Determine what the right Minimum Viable Product is (no, an MVP is not “implement whatever you can until the deadline”)
  • Conduct competitive analysis
  • Perform customer and market research
  • Ship products without even feeling the stress of a release

What is a Special Project

Special projects is an activity which can mean a lot of things, which we don’t do as a business pillar:

– Special research in technologies for AI, Machine learning, Databases

– POCs for various technologies

– Tools for performing special tasks

– Research for technologies and vendors in very special areas like Cybersecurity, Distributed computing, Distributed Databases, etc.

– Research for protection technologies: scanning engines, threat intelligence feeds, URL webservices

– others…

Why would someone give us such projects ?

In general, enterprises have all resources allocated to projects. In order to assign some internal resources to a special project, they would

need to either hire new employees or re-allocate existing employees from current projects to start new ones and thus delay the projects.

These activities are very expensive for a company.

Much cheaper and less problematic internally is to describe the activity one time and give this description to someone external to execute it.

The results would be communicated in a weekly meeting and in writing.

Work and Output

Each project is described clearly and  has a start date and an end date.

We will discuss the deliverables and write down what will be delivered when.