Where are the gaps in your processes?
In a gap analysis, Jemurai will examine existing processes, controls and countermeasures then compare them to industry best practices in order to help a customer identify areas they need to invest more in.
How does it work?
Performing a gap analysis involves building an inventory of assets and security practices. During a gap analysis, Jemurai will:
- Conduct information gathering interviews with various folks within the organization
- Leverage industry experience and data to contextualize the recommendations
- Deliver a prioritized set of recommendations for improving an organizations security posture
Examples of recommendations might be:
- To build a secure software development process
- To improve event monitoring or partner with an MSSP
- To build an incident response plan
Who should be interested?
Organizations organizations wishing to validate their current approach to security and to troubleshoot or improve them, a gap analysis can be a good start.
What does it cost?
A gap analysis is a short consulting engagement requiring anywhere from a day to a week. Depending largely on how complicated an organization and structure the client has.
Jemurai provides a number of security services, including pure manual security code review, security architecture review, application scanning and testing and can engage with organizations to develop security programs and build security into their SDLC.