public
/
website
5
0
Fork 0
Code Issues Pull Requests 3 Packages Projects Releases Wiki Activity

update service offering details

This commit is contained in:
Anton Livaja 2023-10-18 19:43:41 -04:00
parent fa4712874d
commit ad2bd9100f
Signed by: anton
GPG Key ID: 44A86CFF1FDF0E85
5 changed files with 75 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
_layouts/default.html
View File

@ -1,5 +1,5 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: "en" }}">
<html lang="{{ page.lang | default: site.lang | default: " en" }}">
{%- include head.html -%}

2
_sass/base.scss
View File

@ -132,7 +132,7 @@ section {
}
.companies a img {
height: 40px;
height: 30px;
}
.companies a:hover {

BIN
assets/base/bananaz.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 580 KiB

77
index.md
View File

@ -14,8 +14,8 @@ We believe security compromises to your systems and personnel are *inevitable*.
---
<section>
<h3>Some of the companies we have provided security services for include...</h3>
<br/>
<h4>Some of the companies we have provided security services for include...</h4>
<br />
<div class="flex-container companies">
<div>
<a href="https://bitgo.com">
@ -32,17 +32,17 @@ We believe security compromises to your systems and personnel are *inevitable*.
<img src="assets/base/companies/bishop-fox-dark.png" />
</a>
</div>
</div>
<br>
<div class="flex-container companies">
<div>
<a href="http://www.ledn.io/">
<img src="assets/base/companies/ledn-white.svg" />
</a>
</div>
<div>
<a href="http://www.falconx.io/">
<img src="assets/base/companies/falconx-white.svg" />
</div>
<br>
<div class="flex-container companies">
<div>
<a href="http://www.turnkey.io/">
<img src="assets/base/companies/turnkey-black.svg" />
</a>
</div>
<div>
@ -50,10 +50,7 @@ We believe security compromises to your systems and personnel are *inevitable*.
<img src="assets/base/companies/exodus-white.svg" />
</a>
</div>
</div>
<br/>
<div class="flex-container companies">
<div>
<div>
<a href="https://siderolabs.com">
<img src="assets/base/companies/sidero-labs-white.png" />
</a>
@ -63,45 +60,40 @@ We believe security compromises to your systems and personnel are *inevitable*.
<img src="assets/base/companies/zoom.webp" />
</a>
</div>
</div>
<br />
<div class="flex-container companies">
<div>
<a href="https://mystenlabs.com">
<img src="assets/base/companies/mysten-labs-white.svg" />
</a>
</div>
</div>
<br/>
<div class="flex-container companies">
<div>
<a href="http://www.hashicorp.io/">
<img src="assets/base/companies/hashicorp-white.png" />
</a>
</div>
<div>
<a href="http://www.primetrust.com/">
<img src="assets/base/companies/prime-trust-white.svg" />
</a>
</div>
<div>
<a href="http://www.distributedglobal.com/">
<img src="assets/base/companies/distributed-global.jpeg" />
</a>
</div>
<div>
<a href="http://www.hashicorp.io/">
<img src="assets/base/companies/hashicorp-white.png" />
</a>
</div>
<div>
<a href="http://www.b1.com/">
<img src="assets/base/companies/block-one-dark.svg" />
</a>
</div>
<div>
<div>
<a href="https://fitbit.com">
<img src="assets/base/companies/fitbit-white.png" />
</a>
</div>
</div>
<br/>
<br />
<div class="flex-container companies">
<div>
<a href="http://www.turnkey.io/">
<img src="assets/base/companies/turnkey-black.svg" />
<a href="http://www.falconx.io/">
<img src="assets/base/companies/falconx-white.svg" />
</a>
</div>
<div>
@ -119,39 +111,34 @@ We believe security compromises to your systems and personnel are *inevitable*.
<img src="assets/base/companies/ankr.png" />
</a>
</div>
<div>
<a href="http://www.investvoyager.com/">
<img src="assets/base/companies/voyager-white.png" />
</a>
</div>
</div>
<br/>
<br/>
<br />
<br />
</section>
---
<section>
<h1>Services</h1>
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, building a security program from scratch, or want to focus on a specific aspect of your organization or system - we are here to help. Our experienced staff will work closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, need help building a security program from scratch, or want to focus on a specific aspect of your organization or system - we are here to help. Our experienced staff will work closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
<div class="flex-container">
<div class="sub-container">
<h3>CISO / Head of Security / Security Engineer on Demand</h3>
<p>Leverage Distrust's team of experts as needed to assist you in building and maintaining all aspects of your security programs.</p>
<h3>Security Assessment</h3>
<p>Holistic assessments of systems tailored to your needs. We leverage our in house expertise to analyze your system, thinking from first principles, in order to ensure its design, implementation and deployment all work coherently to establish a strong security posture.</p>
</div>
<div class="sub-container">
<h3>Penetration Testing and Security Assessment</h3>
<p>Distrust has a long and successful track record of helping companies find security weaknesses and ensure that they can release software confidently.</p>
<h3>Security Engineering</h3>
<p>Our team consists of engineers who are experts in a wide range of areas ranging across applied cryptography, HSMs, secure coding using languages such as rust and golang, quorum authentication, kernel hardening, CI/CD hardening and more. Leverage our experience to ensure your systems are secure by design, and use the best available architecture patterns.</p>
</div>
</div>
<div class="flex-container">
<div class="sub-container">
<h3>Cryptographic System Design, Escrow and Consulting</h3>
<p>Distrust specializes in building highly reliable and secure systems, via applied cryptography, for managing sensitive cryptographic material such as blockchain private keys. To achieve this our team uses a novel approach which leverages attestation, custom software, PKI, MPC and other methods.</p>
<h3>Retained Security Support</h3>
<p>If you need additional security support, you can hire our team on retainer to have us available when you need us most. Our varied expertise allows us to assist you with a wide variety of security related challenges and activities.</p>
</div>
<div class="sub-container">
<h3>System Hardening</h3>
<p>Reducing the surface area for attacks is the most effective way to reduce the likelihood of system compromise. By hardening the entire technology stack used, the attackers are left with nothing to grasp at.</p>
<h3>Research & Development</h3>
<p>Our team is active in both open source development in security research. We strive to build the tools that we feel will have the most impact on overall security and privacy of internet users.</p>
</div>
</div>
<div class="button-container">

80
services.md
View File

@ -9,47 +9,49 @@ Distrust offers a wide range of services which are tailored to your organization
---
### CISO / Head of Security / Security Engineer on Demand
Leverage Distrust's team of experts as needed to assist you in building and maintaining all aspects of your security programs.
* Network Architecture
* Access Permissions
* Security Hiring Advisory
* Business Continuity
* Secure Software Development Lifecycle
* Physical Security
* ... and more
### Security Assessment
Holistic assessments of systems tailored to your needs. We leverage our in house expertise to analyze your system, thinking from first principles, in order to ensure its design, implementation and deployment all work coherently to establish a strong security posture. The methodoligies we leverage vary based on the context but some things an engagement may consist of but are not limited to are:
* Penetration Testing
* Secure Code Review
* Cloud Configuration Review
---
### Penetration Testing and Security Assessment
Distrust has a long and successful track record of helping companies find security weaknesses and ensure that they can release software confidently.
* Web Application Penetration Testing
* Mobile Application Penetration Testing
* Software Supply Chain Integrity
* Cloud Infrastructure Security
* ... and more
---
### Cryptographic System Design, Escrow and Consulting
Distrust specializes in building highly reliable and secure systems, via applied cryptography, for managing sensitive cryptographic material such as blockchain private keys. To achieve this our team uses a novel approach which leverages attestation, custom software, asymmetric cryptography, MPC and other methods.
* Private Key Lifecycle Management (Generating, Storing, Sharing, Backup etc.)
* Secure Enclaves
* HSMs
### Security Engineering
Our team consists of engineers who are experts in a wide range of areas ranging across applied cryptography, HSMs, secure coding using languages such as rust and golang, quorum authentication, kernel hardening, CI/CD hardening and more. Leverage our experience to ensure your systems are secure by design, and use the best available architecture patterns. Some examples of what clients rely on us to assist in:
* Secure Code Development
* Cryptocurrency Custodial Solution Design, Architecture, and Review
* Quorum Authentication Design
... and more
---
### System Hardening
Reducing the surface area for attacks is the most effective way to reduce the likelihood of system compromise. By hardening the entire technology stack used, the attackers are left with nothing to grasp at.
* OS Hardening and Custom Kernel Advisory
* Production Engineering Practice
* Reproducible / Deterministic Build Pipelines (CI/CD)
* Immutable Infrastructure
* Quorum Authentication Design
* ... and more
* Cryptographic Key Escrow / Signer
* Reproducible / Deterministic Builds
* Production Engineering Practices
---
### Retained Security Support
If you need additional security support, you can hire our team on retainer to have us available when you need us most. Our varied expertise allows us to assist you with a wide variety of security related challenges and activities. We aid our clients in a variety of security related areas such as, but not limited to:
* Security Program Development
* General Security Consulting
* Assistance With Hiring Security Talent
* Business Continuity Planning: Black Swan Events
* Physical Security
---
### Research & Development
Our team is active in both open source development in security research. We strive to build the tools that we feel will have the most impact on overall security and privacy of internet users.
#### Development
* [keyfork](https://git.distrust.co/public/keyfork)
* [ocirep](https://git.distrust.co/public/ocirep)
* [airgap](https://git.distrust.co/public/airgap)
* [gitsig](https://git.distrust.co/public/git-sig)
#### Research
* CVE-2023-39910: Weak entropy in Libbitcoin Explorer 3.0.0 through 3.6.0
* [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39910](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39910)
* [https://milksad.info](https://milksad.info)
* [CVE-2018-9234 - GnuPG: Able to certify public keys without a certify key present when using smartcard](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9234)
* [CVE-2018-9057 - Terraform: Weak password generator for AWS IAM roles](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9057)
* [Japanese Robot Hotel](https://www.vice.com/en/article/3kxy4k/high-tech-japanese-hotel-service-robots-easily-hackable)