2023-2024 Annual SLED Cybersecurity Priorities Report (CPR) Webinar

GuardsArm Inc assisted us in identifying the right assets to monitor and optimized our systems for optimal performance. Now, we only receive notifications for genuine threats, allowing my team to focus more on their key objectives.

We’ve partnered with GuardsArm Inc for several years to conduct quarterly vulnerability assessments. While our policy typically involves changing vendors every few years, the exceptional service from GuardsArm has made us feel no need to look elsewhere. The reports we receive are thorough and prioritize actionable remediation advice.

GuardsArm Inc performed a web application penetration test on several of our edge applications. They identified numerous configuration vulnerabilities, including insecure direct object reference (IDOR). They promptly alerted us and provided expert advice on how to resolve the issue. Their experienced engineers offered step-by-step guidance and conducted retests to ensure the critical vulnerability was fully addressed.

Wi-Fi—definitely a tricky beast to manage. We brought in GuardsArm Inc to assess the wireless networks we provide for employees and customers accessing our store services. Their team arrived onsite, setting up their “toolkit” with antennas all around. They successfully created a rogue access point, mimicking our legitimate ones, and users unknowingly connected. GuardsArm then initiated an evil twin attack to capture and inject packets into the network stream between user devices and other systems. They provided us with detailed findings, allowing us to educate users and improve their security practices.

GuardsArm Inc conducted an external penetration test on our networks and identified critical vulnerabilities. Before attempting to exploit them, they informed us of the potential host responses. Their twice-daily updates were extremely helpful to me and my team. Additionally, they offered valuable remedial guidance that allowed us to quickly address and resolve the vulnerabilities.

Our company outsources web development, so we asked GuardsArm Inc to review our source code and check for insecure API calls. The findings were shocking. It was unsettling to realize that the web developer we hired had left so many security flaws in our code. I can’t stress enough how reassuring it was to have the GuardsArm team provide us and our partner with clear, actionable recommendations to fix our source code.

GuardsArm Inc ran a phishing campaign against our employees by replicating a realistic payroll website used within our company. Their engineers captured several IT administrators' credentials. With domain administrator access, they were able to compromise our entire domain within just 20 minutes of launching the phishing campaign. This experience gave us the chance to demonstrate to leadership the importance of implementing stronger user account practices, multi-factor authentication (MFA), and enhanced user security awareness training, while ensuring we allocate the necessary funds for IT security in our annual budget.

GuardsArm Inc conducted an internal penetration test of our organization using one of our legacy network protocols. They successfully gained administrative access and pushed malicious code into our network. If this had been a real attack, we could have lost everything.

GuardsArm Inc's assessments offer us clear visibility into our third-party risk exposure. With over 40 vendors to manage, we lack the internal resources to conduct annual assessments. These insights are invaluable in guiding our decisions when selecting and managing partnerships.

GuardsArm Inc has been essential to the success of our SOC operations. Without their flexibility, expertise, and quick responses, our small SOC team wouldn’t be able to function effectively. GuardsArm consistently engages with us at both the operational and executive levels, always seeking innovative solutions. They don’t just think outside the box—they actually deliver results.