enterprisesecuritymag

InGuardians: Finding the ‘Achilles Heel’ of Cloud Security

Follow InGuardians on :

Jay Beale, Founder, InGuardiansJay Beale, Founder
The 1992 star-studded techno-thriller, Sneakers, introduced the idea of red team penetration testing in one of the iconic scenes from the movie, resulting in the question: “So, people hire you to break into their places to make sure no one else can break into their places?”

Considered primarily a military and government exercise at the time, penetration testing has become a significant part of the enterprise’s information security practice. Penetration testing is where InGuardians, an independent information security consulting company, cements their cornerstone. The company assembles the brightest minds in information security and channels their collective talents to provide high-value penetration testing, and trusted advisory services. Speaking from InGuardians’ downtown Seattle office, CTO and co-founder of InGuardians, Jay Beale, mentions, “The key idea behind this “red team” approach stems from a famous strategy by the military strategist and philosopher, Sun Tzu.” In “the Art of War,” Sun Tzu writes, “to secure ourselves against defeat lies in our own hands, but the opportunity of defeating the enemy is provided by the enemy himself.” In this day and age, where both startups and Fortune 500 companies are racing toward a digitally-connected world of cloud services, Beale highlights that penetration testing is the only way a company can realistically assess their information security risks and secure itself against defeat.

In order to assess your organization’s information security posture, InGuardians recommends a combination of security architecture reviews and penetration testing. During a security architecture review, InGuardians analyzes security controls, configurations, and overarching architecture in order to recommend mitigating controls and technology changes. In contrast, penetration testing compromises actual threat vectors in order to test an organization’s readiness to detect, deter, and withstand cyber attacks.

The company assembles the brightest minds in information security and channels their collective talents to provide high-value penetration test and advisory services for cloud security


For clients with a more mature security model, InGuardians recommends a red team penetration test, which brings both stealth and the high-end tactics, techniques and procedures used in high profile hacks. Organizations using public cloud systems like AWS, Azure and Google Cloud, and container orchestration systems like Kubernetes and Docker Swarm, benefit from penetration tests.

Beale attributes InGuardians’ success in cloud security in particular to its experienced and motivated team. “Our consultants train the industry and create tools for container testing and security,” he says. “Whether clients are building a product that integrates one of these systems or use these systems to offer their public/internal services, InGuardians can emulate attacks and advise on improvements, thinking from the mindset of an attacker.” The firm has already made a name for itself on the Kubernetes front. Jay Beale currently serves as co-lead of the Kubernetes Project’s Security Audit Working Group. The team has also developed open-source projects for Kubernetes, including Peirates—a Kubernetes penetration-testing tool, and Bustakube—an intentionally-vulnerable Kubernetes cluster, built as a teaching tool.

Flying on the wings of its expertise in the penetration-testing arena, the company is presently focusing on the cloud-native solution providers that are continually expanding their ecosystem with new products and services. Considering the ever-changing landscape of technology sector, Beale believes that there will be many opportunities for InGuardians to showcase their capabilities in the coming future. “So far in our journey we have targeted the orchestration and management infrastructure of virtualization, Industrial Control Systems (ICS), Industrial Internet of Things (IIoT), and cloud. As digital transformation continues to push the horizon, we are excited to embrace the opportunities that come our way,” concludes Beale.
Share this Article:
InGuardians

Company
InGuardians

Headquarters
Washington D.C., Chicago IL and Seattle, WA

Management
Jay Beale, Founder and Jimmy Alderson, Founder, Michael Poor, Founder, Robert Hillery, Founder,

Description
InGuardians is an independent information security consulting company providing high-value services. Our specialties include Red Team Penetration Testing, Security Architecture Reviews, ICS and IIoT Security, Incident Response, and Custom Training. InGuardians is recognized as a leader in cloud and container security. The InGuardians team delivers talks and training on Kubernetes and container security, penetration testing, and other specialized topics at top industry conferences like RSA, DEF CON, and the Black Hat Briefings. InGuardians’ CTO co-led the Kubernetes project’s Security Audit Working Group. The team has developed Open Source projects for Kubernetes, including Peirates, a Kubernetes penetration testing tool, and Bustakube, an intentionally-vulnerable Kubernetes cluster built as a teaching tool. Established in 2003 by industry veterans, InGuardians brings technical experience and business acumen to your projects.