Our Approach
We Put Your Business First
Security Isn’t Just about Security, It’s about Your Business
We look at your organization as a whole to determine the impact a security
or compliance failure might have on your operations, your reputation,
and your business objectives. Sometimes we evaluate an entire enterprise,
sometimes just a discrete program - but we always look at the effect
of security and compliance on your organization’s mission.
We’ve Been in Your World, Shared Your Experience
We have no junior staff. We average nearly 10 years
of experience. We’re professionals who’ve actually experienced the importance
of security and compliance to a business. Many of us are IT security
professionals who’ve worked in the financial industry, commercial enterprises,
and the government. We’ve been in your shoes. Putting your business
first is a reflex.
We Give People and Practices as Much Weight as Technology
Security Is More than Technology
Most problems we uncover are every bit as much organizational as they
are technical. Part of our approach is a thorough examination of your
technical infrastructure. But even a great infrastructure isn’t enough.
We also scrutinize:
- Your security and compliance policies
- Your actual practices
- Your business processes
- Your IT processes
- Your staff’s understanding and observance of your policies and practices
Improving Behavior, Awareness, and Training Is Essential
We never recommend technical improvements without also considering organizational
changes that will make them effective. We identify weaknesses in your
policies and practices that are endangering your security or compliance.
We can help train your staff to understand improved policies and practices
so they’re equipped to follow them. We can also help them become more
aware of threats so they’re constantly on guard.
We Use Industry Standards as the Foundation of Our Work
When all industries are required to adhere
to the same rigorous compliance mandates, and suffer the same security
threats, they work together to evolve and standardize best practices.
The result is accepted practices of proven value. Our work is built
on the solid foundation of standards of good practice such as ISO 27002,
NIST, COBIT, and Basel II. You can have confidence in the assessments
we conduct and the recommendations we make because we’re in effect benchmarking
you against every other business in your industry.
We Use Tools and Techniques That Are Industry Tested
The tools we use are every bit as important
as our expertise and our approach. Our techniques and technologies -
both open-source and commercial - are generally accepted throughout
the security industry.
Technologies we use include:
- Network-based vulnerability scanners
- Web-server vulnerability scanners
- Web-application vulnerability scanners and assessment tools
- Database vulnerability scanners
- Penetration testing tools and exploits
- Packet sniffers and intrusion detection software
- Policy and compliance checking software
- Scripts and tools to dump and analyze security device configurations
- Code review stratification and analysis tools
- Computer forensic imaging and analysis technology
- Network forensic data capture and analysis tools
We test and evaluate every tool before using it
at a customer’s site. We also employ an R&D team to write add-ons
such as scanning signatures and scripts for analysis and reporting.
We’ve also developed workflow tools - such as databases for assessment
results. They let us work faster and smarter - and tailor our findings
to your business.
We Understand That Security Extends Beyond Your Firewall
We understand that you’re not an island - that
you partner with other businesses that play an essential part in your
enterprise. We understand that security is more than just what’s inside
your firewall. We focus on the bigger picture. We look at the connections
your business has with other companies to make sure that any relationship
doesn’t increase your risk or threaten your compliance.