website/_layouts/services.html

122 lines
6.9 KiB
HTML
Raw Permalink Normal View History

2023-10-24 16:47:07 +00:00
<!DOCTYPE html>
2023-10-24 17:18:17 +00:00
<html lang="{{ page.lang | default: site.lang | default: en }}">
2023-10-24 16:47:07 +00:00
{%- include head.html -%}
<body>
<div class="container">
{%- include header.html -%}
<main>
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h2>How can we help you?</h2>
2023-11-04 18:22:12 +00:00
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, want to create or improve an open source security tool, or want to focus on assessing a specific aspect of your organization or system - we are here to help. Our experienced staff will collaborate closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
2023-10-24 16:47:07 +00:00
<br />
<a href="/contact.html" class="action-button">Request a Quote</a>
<br />
</div>
</div>
<div class="flex-container-inner">
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Security Assessment</h3>
2023-11-04 18:22:12 +00:00
<p>We offer full stack security assessments, covering anything that is in scope for a sophisticated adversary, such as compromising a third party library, bribing a devops engineer, finding an oversight in your code, or otherwise. While we will point out specific flaws we find, we feel we offer the most value in helping you identify where you can make strategic improvements to your architecture to take entire classes of risk off the table.</p>
2023-10-24 16:47:07 +00:00
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Penetration Testing</li>
<li>Secure Code Review</li>
<li>Cloud Configuration Review</li>
<li>Threat Modeling</li>
</ul>
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Security Engineering</h3>
2023-11-10 22:52:15 +00:00
<p>Our team is comprised of security engineers with past lives as full time system administrators and software engineers. We have extensive first hand experience in implementing custom security defenses for high risk organizations. We are happy to get as deep into the weeds planning new defense strategies as you like, from Linux kernel hardening, to supply chain signing, to code quality, library choices, and beyond.</p>
2023-10-24 16:47:07 +00:00
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Secure Code Development</li>
<li>Cryptocurrency Custodial Solutions</li>
<li>Quorum Authentication Design and Implementation</li>
<li>Cryptographic Key Escrow / Signer</li>
<li>Reproducible / Deterministic Builds</li>
<li>Production Engineering Practice</li>
</ul>
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Retained Security Support</h3>
2023-11-02 18:52:16 +00:00
<p>We offer monthly retainer contracts to augment your existing security team with access to our combined experience as needed. You can drop questions to our team in a chat, or include us in security-relevant meetings. Almost anything an in-house security team might do to protect your organization is in scope for us as well, including qualifying candidates, conducting interviews, reviewing code, evaluating third party risks, or being a security voice in the room when you are planning new products.</p>
2023-10-24 16:47:07 +00:00
</div>
</div>
<div class="flex-container-inner">
<ul>
<li>Security Program Development</li>
<li>General Security Consulting</li>
<li>Assistance With Hiring Security Talent</li>
<li>Business Continuity Planning</li>
<li>Physical Security</li>
</ul>
</div>
</section>
<hr />
<section class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>Research & Development</h3>
2023-11-02 18:52:16 +00:00
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique needs. If we are doing public work you would like so see more of, or that <i>almost</i> meets your needs, we would love to hear from you and figure out a path to see your needs met.</p>
2023-10-24 16:47:07 +00:00
</div>
</div>
<div class="flex-container-inner">
<h4>Development</h4>
<ul>
<li><a href="https://git.distrust.co/public/keyfork">keyfork: a hierarchical deterministic key management toolkit</a></li>
<li><a href="https://git.distrust.co/public/ocirep">ocirep: oic base images for deterministic builds</a></li>
<li><a href="https://git.distrust.co/public/airgap">airgap: a minimal linux distro for high risk scenarios</a></li>
<li><a href="https://git.distrust.co/public/git-sig">git-sig: a multi-sig trust toolkit for git</a></li>
</ul>
<h4>Research</h4>
<ul>
<li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39910">CVE-2023-39910</a></li>
<li><a href="https://milksad.info">MilkSad</a></li>
<li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9234">CVE-2018-9234</a></li>
<li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9057">CVE-2018-9057</a></li>
<li><a href="https://www.vice.com/en/article/3kxy4k/high-tech-japanese-hotel-service-robots-easily-hackable">Japanese Robot Hotel</a></li>
</ul>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>