SecureIT was founded in early 2017 by Magnús Birgisson who has years of experience in IT security and compliance. The growing company focuses on the following services:
We analyze your business processes, supporting IT infrastructure and environment. Next, we conduct an assessment and identify gaps based on security and compliance requirements. Then we collaborate with your team to find the best-fit solutions for your business. Together, we create a remediation project plan and with our efficient solutions and guidance, we make sure you reach your goals by tuning your security to what it needs to be.
We offer technical security services to strengthen your security posture running regular ASV vulnerability scans and then we conduct both internal and external penetration tests. Then through the use of Nanitor’s security hardening platform which provides hardening recommendations and security status at all times, we provide further visibility into your security posture. Finally, we certify your company and offer additional security improvements.Our services
We build a relationship with our customers. SecureIT works closely with its customers and strives to provide outstanding professional services. Do you need help with security and / or compliance? Do you need to get a security audit or assessment? We have the skills, the know-how and the ambition to provide you with excellent services and we care about you. We want a long-lasting relationship with our customers. Your success is our success.
Do you need to comply with PCI-DSS or ISO 27001? SecureIT does your gap analysis and assesses your status, informs you what you need to do to comply with multiple standards and provides you with solutions to the discovered gaps. SecureIT provides compliance reports, security best practices, know-how and efficient solutions, roadmaps and support. We make sure you reach your security posture goal. And we certify your company!
SecureIT assesses and identifies internal and external risks and vulnerabilities in your environment. SecureIT provides internal and external vulnerability scans using an Approved Scanning Vendor engine that meets compliance requirements, such as PCI-DSS. Our customers get access to a scanning portal where they can scan any number of IPs, as frequently as needed, and see recommended actions with the appropriate rationale. The portal provides reports on status that can be sent e.g. to acquiring banks. The portal also provides access to Self Assessment Questionnaires from the PCI Council which we can help you with. We provide security best practices and recommendations to resolve discovered issues. The services should be run on a continuous basis to identify issues as fast as possible. Is your website and IT environment secure?
SecureIT provides Nanitor's security hardening platform for all your devices. The platform continuously and actively monitors security configurations based on recommended CIS (Center for Internet Security) benchmarks and controls, of your company’s assets. This includes workstations, servers, network devices and major applications like IIS, MSSQL and Oracle where recommendations are also provided. An appropriate security baseline is created within your company and security incidents, missing security patches, user behavior and status are reported and can be sent to your SIEM. Intelligence is provided e.g. for weakest link, misconfigurations and local and domain user analytics. The importance and severity of the configurations have been defined, including rationale and compliance applicability which are also made available for a prioritized approach. Remediation packages for compliance are also available.
While the vulnerability assessments continuously identify and report on discovered vulnerabilities the penetration test attempts to exploit the vulnerabilities. SecureIT performs network penetration testing as well as infrastructure and application testing. We then go through the report findings and collaborate with you in resolving the issues identified and provide consultation when it comes to prioritization and risk mitigation.
Does your development lifecycle enforce good security practices like OWASP Top 10 or SANS Top 25? Security should be a fundamental and integral part of the development effort. SecureIT provides training and guidance for secure coding practices and collaborates with your development team to make this a natural part of development as well as incorporating into procedures, coding guidelines and policies. SecureIT also conducts code reviews.