Website upgrade #2

Closed
anton wants to merge 0 commits from facelift into main
Owner
  • Update homepage with more content
  • Create a dedicated services page
* Update homepage with more content * Create a dedicated services page
anton added 1 commit 2023-10-14 13:48:13 +00:00
anton added 1 commit 2023-10-18 23:44:25 +00:00
anton added 1 commit 2023-10-19 00:19:02 +00:00
anton added 1 commit 2023-10-19 18:22:15 +00:00
anton added 1 commit 2023-10-24 16:47:43 +00:00
anton added 1 commit 2023-10-24 17:14:29 +00:00
anton added 1 commit 2023-10-24 17:15:12 +00:00
anton added 1 commit 2023-10-24 17:16:47 +00:00
anton added 1 commit 2023-10-24 17:18:36 +00:00
ryan approved these changes 2023-10-27 17:21:54 +00:00
lrvick reviewed 2023-11-02 06:38:08 +00:00
@ -0,0 +12,4 @@
<div class="flex-container-inner">
<div class="text-well">
<h2>Understand and mitigate security threats others won't see coming.</h2>
<p>We believe security compromises to your systems and personnel are <b>inevitable</b>. Allow our team of expert technologists to help you reduce the likelihood and impact of security risks by thinking from first principles.</p>
Owner

I don't want to ever use the word expert to describe ourselves.

I prefer "experienced security engineers" and then we can change "security risks" to just "risks" since we just used the word security so it is implied.

I don't want to ever use the word expert to describe ourselves. I prefer "experienced security engineers" and then we can change "security risks" to just "risks" since we just used the word security so it is implied.
anton marked this conversation as resolved
lrvick reviewed 2023-11-02 06:52:33 +00:00
@ -0,0 +29,4 @@
<div class="flex-container-inner">
<div class="text-well">
<h2>We help secure the industry leaders.</h2>
<p>Some of the most sophisticated and sensitive systems in the industry have benefited from Distrust helping ensure that they are properly secured. Our clients see us as someone who will help them catch risks that aren't on other firm's radars.</p>
Owner

We already said "catch the risks others won't see coming" earlier so this reads as repetitive.

How about:

"We specialize in working with high risk clients"
"If you protect valuable assets or data, or provide software to others that do, your adversaries will not play fair. We want to help you protect your team and remove single points of failure in your stack"

We already said "catch the risks others won't see coming" earlier so this reads as repetitive. How about: "We specialize in working with high risk clients" "If you protect valuable assets or data, or provide software to others that do, your adversaries will not play fair. We want to help you protect your team and remove single points of failure in your stack"
anton marked this conversation as resolved
lrvick reviewed 2023-11-02 07:04:07 +00:00
@ -0,0 +144,4 @@
<div class="text-well">
<h3>Security Assessment</h3>
<p>Holistic assessments of systems tailored to your needs. We leverage our in house expertise to analyze your system, thinking from first principles, in order to ensure its design, implementation and deployment all work coherently to establish a strong security posture.</p>
Owner

We offer full stack security assessments, covering anything that is in scope for a sophisticated adversary from compromising a third party library, bribing a devops engineer, or finding a oversight in your code. While we will point out specific flaws we find, we feel we offer the most value in helping you identify where you can make strategic improvements to your architecture to take entire classes of risk off the table.

We offer full stack security assessments, covering anything that is in scope for a sophisticated adversary from compromising a third party library, bribing a devops engineer, or finding a oversight in your code. While we will point out specific flaws we find, we feel we offer the most value in helping you identify where you can make strategic improvements to your architecture to take entire classes of risk off the table.
anton marked this conversation as resolved
lrvick reviewed 2023-11-02 07:13:56 +00:00
@ -0,0 +153,4 @@
<div class="text-well">
<h3>Security Engineering</h3>
<p>Our team consists of engineers who are experts in a wide range of areas ranging across applied cryptography, HSMs, secure coding using languages such as rust and golang, quorum authentication, kernel hardening, CI/CD hardening and more. Leverage our experience to ensure your systems are secure by design, and use the best available architecture patterns.</p>
Owner

Again, I dislike self-selling ourselves as experts. If others want to call us that, we can't stop them, but it is not for us to claim.

We should always favor being conservative over salesy and our potential customers can see our work and decide for themselves if we have the required expert-ise.

How about:

"Our team is comprised security engineers with past lives as full time system administrators, and software engineers. We have extensive first hand experience in actually implementing custom security defenses for high risk organizations. We are happy to get as deep into the weeds planning new defense strategy as you like from Linux kernel hardening, to supply chain signing, to code quality and library choices."

Again, I dislike self-selling ourselves as experts. If others want to call us that, we can't stop them, but it is not for us to claim. We should always favor being conservative over salesy and our potential customers can see our work and decide for themselves if we have the required expert-ise. How about: "Our team is comprised security engineers with past lives as full time system administrators, and software engineers. We have extensive first hand experience in actually implementing custom security defenses for high risk organizations. We are happy to get as deep into the weeds planning new defense strategy as you like from Linux kernel hardening, to supply chain signing, to code quality and library choices."
anton marked this conversation as resolved
lrvick reviewed 2023-11-02 07:16:07 +00:00
@ -0,0 +162,4 @@
<div class="text-well">
<h3>Retained Security Support</h3>
<p>If you need additional security support, you can hire our team on retainer to have us available when you need us most. Our varied expertise allows us to assist you with a wide variety of security related challenges and activities.</p>
Owner

varied and variety feels repetitive. Let's reword

varied and variety feels repetitive. Let's reword
anton marked this conversation as resolved
lrvick reviewed 2023-11-02 07:24:28 +00:00
@ -0,0 +171,4 @@
<div class="text-well">
<h3>Research & Development</h3>
<p>Our team is active in both open source development and security research. We strive to build the tools that we feel will have the most impact on the overall security and privacy of internet users.</p>
Owner

Maybe something like:

"Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique situations. If we are doing public work you would like so see more of, or that -almost- meets your needs, we would love to hear that and figure out a path to see your needs met."

Maybe something like: "Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique situations. If we are doing public work you would like so see more of, or that -almost- meets your needs, we would love to hear that and figure out a path to see your needs met."
anton marked this conversation as resolved
lrvick reviewed 2023-11-02 07:26:34 +00:00
@ -0,0 +13,4 @@
<div class="flex-container-inner">
<div class="text-well">
<h2>How can we help you?</h2>
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, building a security program from scratch, or want to focus on assessing a specific aspect of your organization or system - we are here to help. Our experienced staff will work closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
Owner

We want to avoid putting more proprietary code into the world. We can advise people on their private code, or write code that can be audited by anyone.

Maybe "building a security program from scratch" to "creating or improving an open source security tool"

We want to avoid putting more proprietary code into the world. We can advise people on their private code, or write code that can be audited by anyone. Maybe "building a security program from scratch" to "creating or improving an open source security tool"
anton marked this conversation as resolved
lrvick reviewed 2023-11-02 07:27:16 +00:00
@ -0,0 +49,4 @@
<div class="flex-container-inner">
<div class="text-well">
<h3>Security Engineering</h3>
<p>Our team consists of engineers who are experts in a wide range of areas ranging across applied cryptography, HSMs, secure coding using languages such as rust and golang, quorum authentication, kernel hardening, CI/CD hardening and more. Leverage our experience to ensure your systems are secure by design, and use the best available architecture patterns.</p>
Owner

Usual "expert" comment here

Usual "expert" comment here
anton marked this conversation as resolved
lrvick reviewed 2023-11-02 07:32:43 +00:00
@ -0,0 +70,4 @@
<div class="flex-container-inner">
<div class="text-well">
<h3>Retained Security Support</h3>
<p>If you need additional security support, you can hire our team on retainer to have us available when you need us most. Our varied expertise allows us to assist you with a wide variety of security related challenges and activities.</p>
Owner

varied and variety in the same sentence, and sounds like a repeat of the same thing said elsewhere.

How about.

"We offer monthly retainer contracts to augment your existing security team with access to our combined experience as needed. You can drop questions to our team in a chat, or include is in security-relevant meetings as you like. Almost anything an in-house security team might do to protect your organization is in scope for us as well, including qualifying candidates, conducting interviews, reviewing code, evaluate third party risks, or be a security voice in the room when you are planning new products."

varied and variety in the same sentence, and sounds like a repeat of the same thing said elsewhere. How about. "We offer monthly retainer contracts to augment your existing security team with access to our combined experience as needed. You can drop questions to our team in a chat, or include is in security-relevant meetings as you like. Almost anything an in-house security team might do to protect your organization is in scope for us as well, including qualifying candidates, conducting interviews, reviewing code, evaluate third party risks, or be a security voice in the room when you are planning new products."
anton marked this conversation as resolved
lrvick reviewed 2023-11-02 07:33:14 +00:00
@ -0,0 +90,4 @@
<div class="flex-container-inner">
<div class="text-well">
<h3>Research & Development</h3>
<p>Our team is active in both open source development and security research. We strive to build the tools that we feel will have the most impact on overall security and privacy of internet users.</p>
Owner

maybe copy the blurb from the frontpage here as well

maybe copy the blurb from the frontpage here as well
anton marked this conversation as resolved
anton added 1 commit 2023-11-02 13:01:39 +00:00
ryan requested changes 2023-11-02 18:09:04 +00:00
@ -0,0 +13,4 @@
<div class="flex-container-inner">
<div class="text-well">
<h2>How can we help you?</h2>
<p>Distrust offers a wide range of services which are tailored to your organization. Whether you need a complete security assessment, want to create or improve an open source security tool, need a security built from scratch, or want to focus on assessing a specific aspect of your organization or system - we are here to help. Our experienced staff will work closely with you to understand your unique needs and create a tailor made solution that works for you.</p>
Owner

"need a security built from scratch" => "need security tooling tailored to your needs" ?

"from scratch" may imply we're not using or building atop existing tooling.

"need a security built from scratch" => "need security tooling tailored to your needs" ? "from scratch" may imply we're not using or building atop existing tooling.
anton marked this conversation as resolved
@ -0,0 +29,4 @@
<div class="flex-container-inner">
<div class="text-well">
<h3>Security Assessment</h3>
<p>Holistic assessments of systems tailored to your needs. We leverage our in house expertise to analyze your system, thinking from first principles, in order to ensure its design, implementation and deployment all work coherently to establish a strong security posture. The methodologies we leverage vary based on the context, and client needs.</p>
Owner

remove comma between "context, and client needs". only add comma after three items

remove comma between "context, and client needs". only add comma after three items
anton marked this conversation as resolved
@ -0,0 +49,4 @@
<div class="flex-container-inner">
<div class="text-well">
<h3>Security Engineering</h3>
<p>Our team consists of engineers who are experienced in a wide range of areas spanning across applied cryptography, HSMs, secure coding using languages such as rust and golang, quorum authentication, kernel hardening, CI/CD hardening and more. Leverage our experience to ensure your systems are secure by design, and use the best available architecture patterns.</p>
Owner

i would argue an oxford comma but i want to get this merged

i would argue an oxford comma but i want to get this merged
anton marked this conversation as resolved
@ -0,0 +70,4 @@
<div class="flex-container-inner">
<div class="text-well">
<h3>Retained Security Support</h3>
<p>We offer monthly retainer contracts to augment your existing security team with access to our combined experience as needed. You can drop questions to our team in a chat, or include is in security-relevant meetings as you like. Almost anything an in-house security team might do to protect your organization is in scope for us as well, including qualifying candidates, conducting interviews, reviewing code, evaluate third party risks, or be a security voice in the room when you are planning new products.</p>
Owner

"or include is in security-relevant meetings" ?

"or include is in security-relevant meetings" ?
anton marked this conversation as resolved
@ -0,0 +90,4 @@
<div class="flex-container-inner">
<div class="text-well">
<h3>Research & Development</h3>
<p>Rather than write the same document or tool 10 times and bill each client for it, we focus our unused retainer hours on open sourcing every document and tool we legally can, so we can focus our time with clients on their unique situations. If we are doing public work you would like so see more of, or that -almost- meets your needs, we would love to hear that and figure out a path to see your needs met.</p>
Owner

use proper emphasis: <i>almost</i> almost vs -almost-.

use proper emphasis: `<i>almost</i>` _almost_ vs -almost-.
anton marked this conversation as resolved
anton added 1 commit 2023-11-02 18:53:15 +00:00
anton requested review from ryan 2023-11-02 20:22:16 +00:00
ryan approved these changes 2023-11-03 14:39:12 +00:00
Owner

Merged manually.

Merged manually.
ryan closed this pull request 2023-11-08 20:42:50 +00:00
ryan deleted branch facelift 2023-11-11 01:14:02 +00:00

Pull request closed

Sign in to join this conversation.
No reviewers
No Label
No Milestone
No project
No Assignees
3 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: public/website#2
No description provided.