KRAA SECURITY LLC
MIAMI, FLORIDA

Vulnerability scanning is the systematic identification, analysis and reporting of technical security vulnerabilities that unauthorized parties and individuals may use to exploit and threaten the confidentiality, integrity and availability of business and technical data and information. External vulnerability scanning specifically examines an organization’s security profile from the perspective of an outsider or someone who does not have access to systems and networks behind the organization’s external security perimeter. Your external IPs be scanned once a year, once a quarter or monthly. Mobile platforms by default make certain promises about their environment. Development teams should not rely on these promises to protect critical data and code. Architecture review and threat modeling process will includes assessing and documenting security risks in the context of use cases, services, roles and functions unique to your application. The threat modeling is performed in collaboration with your business, engineering, operations and corporate security teams to understand and create the system’s security objectives, threat profile, attacks, vulnerabilities and countermeasures from design to deployment. We provide the best approach to eliminate the biggest cause of massive data breaches, the weak and/or stolen password. We continuously monitor the dark web for stolen databases and identities, and maintains the encrypted data in our proprietary database. When integrated with an IAM solution, we can provide superior visibility into user-centric risk and the ability to automate appropriate corrective actions, preventing the abuse of compromised credentials. In his recent position as COO of DTG Consulting, Erik was primarily focused on Information Security engagements. Assignments include leading security assessments (e.g. ISO 27001, HIPAA, SCADA, FFIEC, SANS 20, NYCRR 500), contracted CISO (Chief Information Security Officer), and project team management. Erik was CIO at Hermes of Paris and White Mountain Re Services, and played technical consulting or CISO roles at Ironshore Services, Man Tech, eHire, PWC, Chase Manhattan Bank, and IBM. Among his accomplishments are securing Chase’s network by evaluating and implementing two factor authentication for all remote access. He also has worked with Sony Music Entertainment to address multiple data center and application issues throughout their network. Erik is an InfoSec and PCI compliance expert who is a Certified Information Systems Security Professional (CISSP), and Board member of the Society for Information Management (SIM NY). He received a MBA in Finance from New York University’s Stern School of Business and BS in Electrical Engineering from New York University’s Polytechnic School of Engineering and is an Adjunct Professor at Baruch College. Kartik Trivedi has over 15+ years of experience helping numerous entities including Fortune 500, non-profit, tech start-up, financial services, and healthcare organizations meet their security, privacy, and business needs by helping to define strategic goals, develop road maps for more functional, mature, and secure programs, address immediate issues, and drive implementation of practical security solutions. Previously he was partner at Symosisand prior to that he was Director of Application Security at Accuvant, Managing Principal at McAfee, Principal at Foundstone and Software Development Engineer at concept solutions. Kartik has MBA in Finance and Entrepreneurship and MS in Computer Science degrees and CISM, CISA, CISSP certifications. Specialities Security risk assessment, penetration testing and prioritize vulnerability remediation based upon risk exposure to the business Seasoned leader with over 25 years in software architecture, design, build, implementation, program management and thought leadership of high-transaction business information systems. Internet of Things (IoT) expert, including integration with AI, machine-learning, signal processing, big data, network communication and full cloud integration. Focused on product management, customer enhancement all leading to company profitability and growth. Vulnerability scanning is the systematic identification, analysis and reporting of technical security vulnerabilities that unauthorized parties and individuals may use to exploit and threaten the confidentiality, integrity and availability of business and technical data and information. External vulnerability scanning specifically examines an organization’s security profile from the perspective of an outsider or someone who does not have access to systems and networks behind the organization’s external security perimeter. Your external IPs be scanned once a year, once a quarter or monthly. Mobile platforms by default make certain promises about their environment. Development teams should not rely on these promises to protect critical data and code. Architecture review and threat modeling process will includes assessing and documenting security risks in the context of use cases, services, roles and functions unique to your application. The threat modeling is performed in collaboration with your business, engineering, operations and corporate security teams to understand and create the system’s security objectives, threat profile, attacks, vulnerabilities and countermeasures from design to deployment. We provide the best approach to eliminate the biggest cause of massive data breaches, the weak and/or stolen password. We continuously monitor the dark web for stolen databases and identities, and maintains the encrypted data in our proprietary database. When integrated with an IAM solution, we can provide superior visibility into user-centric risk and the ability to automate appropriate corrective actions, preventing the abuse of compromised credentials. Vulnerability scanning is the systematic identification, analysis and reporting of technical security vulnerabilities that unauthorized parties and individuals may use to exploit and threaten the confidentiality, integrity and availability of business and technical data and information. External vulnerability scanning specifically examines an organization’s security profile from the perspective of an outsider or someone who does not have access to systems and networks behind the organization’s external security perimeter. Your external IPs be scanned once a year, once a quarter or monthly.