update service offering details

This commit is contained in:
Anton Livaja 2023-10-18 19:43:41 -04:00
parent fa4712874d
commit ad2bd9100f
Signed by: anton
GPG Key ID: 44A86CFF1FDF0E85
5 changed files with 75 additions and 86 deletions

View File

@ -1,5 +1,5 @@
<!DOCTYPE html> <!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: "en" }}"> <html lang="{{ page.lang | default: site.lang | default: " en" }}">
{%- include head.html -%} {%- include head.html -%}

View File

@ -132,7 +132,7 @@ section {
} }
.companies a img { .companies a img {
height: 40px; height: 30px;
} }
.companies a:hover { .companies a:hover {

Binary file not shown.

Before

Width:  |  Height:  |  Size: 580 KiB

View File

@ -14,8 +14,8 @@ We believe security compromises to your systems and personnel are *inevitable*.
--- ---
<section> <section>
<h3>Some of the companies we have provided security services for include...</h3> <h4>Some of the companies we have provided security services for include...</h4>
<br/> <br />
<div class="flex-container companies"> <div class="flex-container companies">
<div> <div>
<a href="https://bitgo.com"> <a href="https://bitgo.com">
@ -32,17 +32,17 @@ We believe security compromises to your systems and personnel are *inevitable*.
<img src="assets/base/companies/bishop-fox-dark.png" /> <img src="assets/base/companies/bishop-fox-dark.png" />
</a> </a>
</div> </div>
</div>
<br>
<div class="flex-container companies">
<div> <div>
<a href="http://www.ledn.io/"> <a href="http://www.ledn.io/">
<img src="assets/base/companies/ledn-white.svg" /> <img src="assets/base/companies/ledn-white.svg" />
</a> </a>
</div> </div>
</div>
<br>
<div class="flex-container companies">
<div> <div>
<a href="http://www.falconx.io/"> <a href="http://www.turnkey.io/">
<img src="assets/base/companies/falconx-white.svg" /> <img src="assets/base/companies/turnkey-black.svg" />
</a> </a>
</div> </div>
<div> <div>
@ -50,9 +50,6 @@ We believe security compromises to your systems and personnel are *inevitable*.
<img src="assets/base/companies/exodus-white.svg" /> <img src="assets/base/companies/exodus-white.svg" />
</a> </a>
</div> </div>
</div>
<br/>
<div class="flex-container companies">
<div> <div>
<a href="https://siderolabs.com"> <a href="https://siderolabs.com">
<img src="assets/base/companies/sidero-labs-white.png" /> <img src="assets/base/companies/sidero-labs-white.png" />
@ -63,29 +60,24 @@ We believe security compromises to your systems and personnel are *inevitable*.
<img src="assets/base/companies/zoom.webp" /> <img src="assets/base/companies/zoom.webp" />
</a> </a>
</div> </div>
</div>
<br />
<div class="flex-container companies">
<div> <div>
<a href="https://mystenlabs.com"> <a href="https://mystenlabs.com">
<img src="assets/base/companies/mysten-labs-white.svg" /> <img src="assets/base/companies/mysten-labs-white.svg" />
</a> </a>
</div> </div>
</div>
<br/>
<div class="flex-container companies">
<div>
<a href="http://www.hashicorp.io/">
<img src="assets/base/companies/hashicorp-white.png" />
</a>
</div>
<div>
<a href="http://www.primetrust.com/">
<img src="assets/base/companies/prime-trust-white.svg" />
</a>
</div>
<div> <div>
<a href="http://www.distributedglobal.com/"> <a href="http://www.distributedglobal.com/">
<img src="assets/base/companies/distributed-global.jpeg" /> <img src="assets/base/companies/distributed-global.jpeg" />
</a> </a>
</div> </div>
<div>
<a href="http://www.hashicorp.io/">
<img src="assets/base/companies/hashicorp-white.png" />
</a>
</div>
<div> <div>
<a href="http://www.b1.com/"> <a href="http://www.b1.com/">
<img src="assets/base/companies/block-one-dark.svg" /> <img src="assets/base/companies/block-one-dark.svg" />
@ -97,11 +89,11 @@ We believe security compromises to your systems and personnel are *inevitable*.
</a> </a>
</div> </div>
</div> </div>
<br/> <br />
<div class="flex-container companies"> <div class="flex-container companies">
<div> <div>
<a href="http://www.turnkey.io/"> <a href="http://www.falconx.io/">
<img src="assets/base/companies/turnkey-black.svg" /> <img src="assets/base/companies/falconx-white.svg" />
</a> </a>
</div> </div>
<div> <div>
@ -119,39 +111,34 @@ We believe security compromises to your systems and personnel are *inevitable*.
<img src="assets/base/companies/ankr.png" /> <img src="assets/base/companies/ankr.png" />
</a> </a>
</div> </div>
<div>
<a href="http://www.investvoyager.com/">
<img src="assets/base/companies/voyager-white.png" />
</a>
</div> </div>
</div> <br />
<br/> <br />
<br/>
</section> </section>
--- ---
<section> <section>
<h1>Services</h1> <h1>Services</h1>
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, building a security program from scratch, or want to focus on a specific aspect of your organization or system - we are here to help. Our experienced staff will work closely with you to understand your unique needs and create a tailor made solution that works for you.</p> <p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, need help building a security program from scratch, or want to focus on a specific aspect of your organization or system - we are here to help. Our experienced staff will work closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
<div class="flex-container"> <div class="flex-container">
<div class="sub-container"> <div class="sub-container">
<h3>CISO / Head of Security / Security Engineer on Demand</h3> <h3>Security Assessment</h3>
<p>Leverage Distrust's team of experts as needed to assist you in building and maintaining all aspects of your security programs.</p> <p>Holistic assessments of systems tailored to your needs. We leverage our in house expertise to analyze your system, thinking from first principles, in order to ensure its design, implementation and deployment all work coherently to establish a strong security posture.</p>
</div> </div>
<div class="sub-container"> <div class="sub-container">
<h3>Penetration Testing and Security Assessment</h3> <h3>Security Engineering</h3>
<p>Distrust has a long and successful track record of helping companies find security weaknesses and ensure that they can release software confidently.</p> <p>Our team consists of engineers who are experts in a wide range of areas ranging across applied cryptography, HSMs, secure coding using languages such as rust and golang, quorum authentication, kernel hardening, CI/CD hardening and more. Leverage our experience to ensure your systems are secure by design, and use the best available architecture patterns.</p>
</div> </div>
</div> </div>
<div class="flex-container"> <div class="flex-container">
<div class="sub-container"> <div class="sub-container">
<h3>Cryptographic System Design, Escrow and Consulting</h3> <h3>Retained Security Support</h3>
<p>Distrust specializes in building highly reliable and secure systems, via applied cryptography, for managing sensitive cryptographic material such as blockchain private keys. To achieve this our team uses a novel approach which leverages attestation, custom software, PKI, MPC and other methods.</p> <p>If you need additional security support, you can hire our team on retainer to have us available when you need us most. Our varied expertise allows us to assist you with a wide variety of security related challenges and activities.</p>
</div> </div>
<div class="sub-container"> <div class="sub-container">
<h3>System Hardening</h3> <h3>Research & Development</h3>
<p>Reducing the surface area for attacks is the most effective way to reduce the likelihood of system compromise. By hardening the entire technology stack used, the attackers are left with nothing to grasp at.</p> <p>Our team is active in both open source development in security research. We strive to build the tools that we feel will have the most impact on overall security and privacy of internet users.</p>
</div> </div>
</div> </div>
<div class="button-container"> <div class="button-container">

View File

@ -9,47 +9,49 @@ Distrust offers a wide range of services which are tailored to your organization
--- ---
### CISO / Head of Security / Security Engineer on Demand ### Security Assessment
Leverage Distrust's team of experts as needed to assist you in building and maintaining all aspects of your security programs. Holistic assessments of systems tailored to your needs. We leverage our in house expertise to analyze your system, thinking from first principles, in order to ensure its design, implementation and deployment all work coherently to establish a strong security posture. The methodoligies we leverage vary based on the context but some things an engagement may consist of but are not limited to are:
* Network Architecture * Penetration Testing
* Access Permissions * Secure Code Review
* Security Hiring Advisory * Cloud Configuration Review
* Business Continuity
* Secure Software Development Lifecycle
* Physical Security
* ... and more
--- ---
### Penetration Testing and Security Assessment ### Security Engineering
Distrust has a long and successful track record of helping companies find security weaknesses and ensure that they can release software confidently. Our team consists of engineers who are experts in a wide range of areas ranging across applied cryptography, HSMs, secure coding using languages such as rust and golang, quorum authentication, kernel hardening, CI/CD hardening and more. Leverage our experience to ensure your systems are secure by design, and use the best available architecture patterns. Some examples of what clients rely on us to assist in:
* Web Application Penetration Testing * Secure Code Development
* Mobile Application Penetration Testing * Cryptocurrency Custodial Solution Design, Architecture, and Review
* Software Supply Chain Integrity
* Cloud Infrastructure Security
* ... and more
---
### Cryptographic System Design, Escrow and Consulting
Distrust specializes in building highly reliable and secure systems, via applied cryptography, for managing sensitive cryptographic material such as blockchain private keys. To achieve this our team uses a novel approach which leverages attestation, custom software, asymmetric cryptography, MPC and other methods.
* Private Key Lifecycle Management (Generating, Storing, Sharing, Backup etc.)
* Secure Enclaves
* HSMs
* Quorum Authentication Design * Quorum Authentication Design
... and more
---
### System Hardening
Reducing the surface area for attacks is the most effective way to reduce the likelihood of system compromise. By hardening the entire technology stack used, the attackers are left with nothing to grasp at.
* OS Hardening and Custom Kernel Advisory
* Production Engineering Practice
* Reproducible / Deterministic Build Pipelines (CI/CD)
* Immutable Infrastructure * Immutable Infrastructure
* Quorum Authentication Design * Cryptographic Key Escrow / Signer
* ... and more * Reproducible / Deterministic Builds
* Production Engineering Practices
---
### Retained Security Support
If you need additional security support, you can hire our team on retainer to have us available when you need us most. Our varied expertise allows us to assist you with a wide variety of security related challenges and activities. We aid our clients in a variety of security related areas such as, but not limited to:
* Security Program Development
* General Security Consulting
* Assistance With Hiring Security Talent
* Business Continuity Planning: Black Swan Events
* Physical Security
---
### Research & Development
Our team is active in both open source development in security research. We strive to build the tools that we feel will have the most impact on overall security and privacy of internet users.
#### Development
* [keyfork](https://git.distrust.co/public/keyfork)
* [ocirep](https://git.distrust.co/public/ocirep)
* [airgap](https://git.distrust.co/public/airgap)
* [gitsig](https://git.distrust.co/public/git-sig)
#### Research
* CVE-2023-39910: Weak entropy in Libbitcoin Explorer 3.0.0 through 3.6.0
* [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39910](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39910)
* [https://milksad.info](https://milksad.info)
* [CVE-2018-9234 - GnuPG: Able to certify public keys without a certify key present when using smartcard](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9234)
* [CVE-2018-9057 - Terraform: Weak password generator for AWS IAM roles](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9057)
* [Japanese Robot Hotel](https://www.vice.com/en/article/3kxy4k/high-tech-japanese-hotel-service-robots-easily-hackable)