Contact Us
Home
Solving Your Complex Core Business Risks In An Innovative, Pragmatic, Cost-Effective Way
Solutions
Results
Tools
Resources
About KoreLogic

What people are saying:

"I want to thank KoreLogic...you put three of your best engineers on the project due to our launch date. Two of the engineers cancelled their vacations to work on the project. Your results / report were 1000x better than previously received. The other reports were ants, yours was an elephant."  - Wireless Service Provider, Compliance Officer


News and Events:

May 16, 2008: Enterprise Security Day hosted by Microsoft and KoreLogic.  Click here for more information.

June, 2008: KoreLogic to present "Malware Analysis: The Forgotten Forensic Skill" at GFIRST

February 5, 2008: KoreLogic staff presented "Burying Your Head in the SandNet" at the CFS conference in Washington, DC. Click here to download the presentation.

September 25, 2007: KoreLogic cofounder and author of FTimes lectured at Towson University's Computer & Network Forensics class (AIT 650).

May 23, 2007: KoreLogic cofounder presented "Web Application Security Metrics" at the NY-ISSA Annual Security Conference.

May 8, 2007: KoreLogic staff presented "The Forensic Katana - Digital File Carving" at the CEIC conference in Las Vegas. Click here to browse the slides and/or handouts.

March 25, 2007: KoreLogic cofounders presented "Home-grown Crypto (aka Taking a Shiv to a Gun Fight)" at the ShmooCon conference in Washington D.C. Click here to watch a video of the presentation.

Our team averages over a decade of information security experience. This includes careers with various security consultancies and security roles such as Security Officer of the United States Securities and Exchange Commission (SEC), Senior Security Analyst at the National Security Agency (NSA), developers of the U.S. House of Representatives Internet infrastructure, Chief Architect of integrity monitoring solutions for a global web-hosting firm, and developers of various tools and resources.

KoreLogic is headquartered near Washington, DC with staff located throughout the US in DC area, Richmond, VA, Austin, TX, Phoenix, AZ, Chicago, IL, Boston, MA, Miami, FL and
Cleveland OH.

Why KoreLogic?  KoreLogic differentiates itself from other firms in the following ways:

bullet

Customer Satisfaction/Retention — We are proud of the fact that our clients respect the work we provide and continue to engage us over time.  KoreLogic's ability to retain its talented staff ensures project-to-project and year-to-year continuity.  
bullet

Innovative — We solve hard security problems using our R&D knowledge base and our team's real world experience.  The team is particularly skilled in discovering root sources of threats and vulnerabilities and recommending systemic solutions to help ensure long-term improvement. 
bullet

Security Leadership — Our staff possesses great passion for the security discipline.  This is reflected by the following:

  • Winners of the 2006 File Carving Challenge at the 6th Annual Digital Forensic Research Workshop (DFRWS)
  • KoreLogic leading two OWASP projects (Metrics and Security Assessment Standard) and presented three sessions at the 2006 OWASP Conference
  • Invited speakers at SIM, ISSA, and academic institutions (i.e. Towson, Norwich, Texas, Purdue University, George Washington)
  • Authored various open source security-forensic tools and detection signatures
  • 400+ Security Assessments completed (infrastructure and application levels)
bullet

Efficient and Experienced Management — We have a flat organizational structure for optimal efficiency. KoreLogic's President (bio) and Director of Security Services (bio) provide direct client services and operations management duties, both of which are senior security practitioners.
bullet

Expert Methodology — We emphasize expert analysis. We do not rely solely on commercial or Open Source tools, and we go beyond such tools by testing manually and writing our own specialized assessment tools. We are particularly adept at discovering root sources of issues and recommending systemic solutions to facilitate long-term mitigation.
bullet

Effective, Balanced Deliverables — We provide risk-based security advice that is tailored to be readily understood by both technical and management staff. We provide reports with recommendations that balance security needs against business requirements and operational efficiency.
bullet

Objectivity = Success — We recommend what is best for our clients with no back-end integration motives. We are completely vendor-independent.  We believe that satisfied clients make us successful. Our success is not subservient to venture capital or other profit-first decision-making.
bullet

Focused on Security — We are not part of a larger diversified company. As a result, our focus remains on delivering superior information security services to our clients.
bullet

Our strategy and approach synchronize the goals and objectives of our clients. KoreLogic's core values of commitment—commitment to our client, commitment to secure business enablement, commitment to technological innovation, commitment to secure solution enhancement and evolution—are central to our solution delivery.

If you would like more information about us, our services, our tools, careers with us or to enter your email address to subscribe to our monthly newsletter: Contact Us
© Copyright 2008. KoreLogic Security. All rights reserved.