Secure IT


Security Consulting | Compliance | Security Services

Find Out More

About SecureIT


SecureIT was founded in early 2017 by Magnús Birgisson who has years of experience in IT security and compliance. The growing company focuses on the following services:

  • Compliance assessments, reports and certifications
  • Security and compliance consultation with security best practices
  • Vulnerability scans and penetration tests
  • Security hardening platform
  • Secure coding practices and code reviews

We analyze your business processes, supporting IT infrastructure and environment. Next, we conduct an assessment and identify gaps based on security and compliance requirements. Then we collaborate with your team to find the best-fit solutions for your business. Together, we create a remediation project plan and with our efficient solutions and guidance, we make sure you reach your goals by tuning your security to what it needs to be.

We offer technical security services to strengthen your security posture running regular ASV vulnerability scans and then we conduct both internal and external penetration tests. Then through the use of Nanitor’s security hardening platform which provides hardening recommendations and security status at all times, we provide further visibility into your security posture. Finally, we certify your company and offer additional security improvements.

Our services

Services


Personal Security Consulting

We build a relationship with our customers. SecureIT works closely with its customers and strives to provide outstanding professional services. Do you need help with security and / or compliance? Do you need to get a security audit or assessment? We have the skills, the know-how and the ambition to provide you with excellent services and we care about you. We want a long-lasting relationship with our customers. Your success is our success.

Compliance and Certifications

Do you need to comply with PCI-DSS or ISO 27001? SecureIT does your gap analysis and assesses your status, informs you what you need to do to comply with multiple standards and provides you with solutions to the discovered gaps. SecureIT provides compliance reports, security best practices, know-how and efficient solutions, roadmaps and support. We make sure you reach your security posture goal. And we certify your company!

Vulnerability Assesments

SecureIT assesses and identifies internal and external risks and vulnerabilities in your environment. SecureIT provides internal and external vulnerability scans using an Approved Scanning Vendor engine that meets compliance requirements, such as PCI-DSS. Our customers get access to a scanning portal where they can scan any number of IPs, as frequently as needed, and see recommended actions with the appropriate rationale. The portal provides reports on status that can be sent e.g. to acquiring banks. The portal also provides access to Self Assessment Questionnaires from the PCI Council which we can help you with. We provide security best practices and recommendations to resolve discovered issues. The services should be run on a continuous basis to identify issues as fast as possible. Is your website and IT environment secure?

Security Hardening Platform

SecureIT provides Nanitor's security hardening platform for all your devices. The platform continuously and actively monitors security configurations based on recommended CIS (Center for Internet Security) benchmarks and controls, of your company’s assets. This includes workstations, servers, network devices and major applications like IIS, MSSQL and Oracle where recommendations are also provided. An appropriate security baseline is created within your company and security incidents, missing security patches, user behavior and status are reported and can be sent to your SIEM. Intelligence is provided e.g. for weakest link, misconfigurations and local and domain user analytics. The importance and severity of the configurations have been defined, including rationale and compliance applicability which are also made available for a prioritized approach. Remediation packages for compliance are also available.

Penetration Testing

While the vulnerability assessments continuously identify and report on discovered vulnerabilities the penetration test attempts to exploit the vulnerabilities. SecureIT performs network penetration testing as well as infrastructure and application testing. We then go through the report findings and collaborate with you in resolving the issues identified and provide consultation when it comes to prioritization and risk mitigation.

Secure Code

Does your development lifecycle enforce good security practices like OWASP Top 10 or SANS Top 25? Security should be a fundamental and integral part of the development effort. SecureIT provides training and guidance for secure coding practices and collaborates with your development team to make this a natural part of development as well as incorporating into procedures, coding guidelines and policies. SecureIT also conducts code reviews.

Qualifications


  • Qualified Security Assessor (PCIP/QSA)
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Information Security Professional (GISP)
  • EC-Council Certified Ethical Hacker (CEH)
  • GIAC Web Application Penetration Tester (GWAPT)
  • ISO/IEC 27001:2013 Lead Auditor

Customers


Partners


Let's Get In Touch!


Ready to start your next project with us? That's great! Give us a call or send us an email and we will get back to you as soon as possible! References are available upon request.