SoCal InfoSec Group
Cybersecurity breach incident response





enterprise threat & vulnerability assessments

We move our clients beyond the checklist mentality of compliance for security. Through the use industry frameworks, (NIST & CIS) our firm maps likely threats to vulnerabilities discovered during our assessment. A through analysis is completed and the output is a road-map for remediation, mitigation, transfer or elimination of the risks identified through this process.


Penetration testing

Modeling the activities of a real world attacker we offer our clients the insight into their security weaknesses and offer comprehensive recommendations to eliminate vulnerabilities and reduce their attack surface.


Incident response

Our team has had to answer these questions as a client and for our clients. We have developed a set of proven best practices that will give your organization a jump start on enhancing or developing your Incident Response program. Think you have a great plan? Then let us conduct a tabletop exercise to see how well your plan holds up.



Third-party suppliers play a huge role in most businesses. The most notable data breaches you have read about in the news have occurred due to a breach via a trusted vendor. Are you confident about you vendor’s security posture? Do you use custom made apps that you don’t control?


Risk & Compliance Assessments

Armed with years of experience, we have stood inspections and passed countless audits. We work with all standards - NIST 800, HIPAA, PCI-DSS, ISO - and can help you pass your next audit.


policy & standards review & development

Deploy education, training, and actionable policies for end users and business leaders to lead the organization towards a more mature risk posture.


***This is not an exhaustive list of the services we offer. If you need a service not listed, please send us a message. You don't have to be a large business to have a cybersecurity concern, and we work with companies of all sizes.