A leading NJ large medical practice company called Accorain's team of experts to help them after a Ransomware attack.

Article

This company continues to stay HITRUST certified and SOC 2 compliant with Accorian

HITRUST, SOC 2, & ISO 27001 To meet multiple compliance frameworks (HITRUST, ISO 27001, SOC 2) across various industries and geographies in less than a year. To create a single roadmap that covers both security and compliance. Furthermore, to manage regular updates of their audit cycle, policy procedures, and vulnerability management. This is to help speed up compliance and reduce friction.

Article

This is how we helped a B2B client improve their information security practices to control the availability of information, as well as enable confidentiality, and integrity that was critical to its business growth

ISO 27001 To meet the growing demands of their services, The client had implemented sophisticated technology assets for business operations, thereby increasing the organization's exposure to attacks on its IT, as well as business infrastructure. To overcome these situations the client had to place immense emphasis on the improvement of information security practices with regards to confidentiality, integrity, and availability of information within the company. For this, they hired Accorian to implement IT risk management processes, align internal privacy standards with international standards, and incorporate maturity in documentation.

Article

This B2B client in the Healthcare space needed to be able to scale vendor risk assessments with a trusted partner

VENDOR RISK ASSESSMENT The client needed to be able to scale vendor risk assessments within a short period and with a trusted partner. At the same time, healthcare organizations in their marketplace needed to feel comfortable with a 3rd party reviewing security assessments.

Article

This company needed to understand the impact of a targeted attack on the organization and emulate various threat actors.

Red Teaming The company has a mature security practice and conducts penetration tests regularly. These tests were mostly point in time exercises where the attacks were limited to the scope of the assessment. The company needed to understand the impact of a targeted attack on the organization and emulate various threat actors.

Article

A Leader in Investment Research wanted to look beyond plain vanilla security testing services & wanted to holistically understand their security flaws.

Challenges Understanding the real intent & desired outcomes of the CTO & CISO for the annual penetration testing assessment Finalizing the scope of work after our session on our recommendations on assessments that can help in understanding holistic technical risk and signoff Collection of pre-requisites especially secure handling of source code and planning timelines Maintaining the operability of sensitive systems while completing our technical assessment

Case study