Secure IT


Security Consulting | Compliance | Security Services

About SecureIT


SecureIT was founded in early 2017 by Magnús Birgisson, who has years of experience in IT security and compliance. The growing company focuses on the following services:

  • Compliance assessments (e.g. PCI, HITRUST, ISO27k), reports and certifications
  • Security and compliance consultation with security best practices
  • Managed Security Services
  • Internal and external vulnerability scans and penetration tests
  • Managed Security Information and Event Management (SIEM)
  • Intrusion Prevention services and managed firewalls
  • Security hardening platform

We analyze your business processes, supporting IT infrastructure and environment. Next, we conduct an assessment and identify gaps based on security and compliance requirements. Then we collaborate with your team to find the best-fit solutions for your business. Together, we create a remediation project plan, and with our efficient solutions and guidance we make sure you reach your goals by tuning your security to what it needs to be.

We offer managed security services to strengthen your security posture, running internal and external vulnerability scans regularly and conducting penetration tests to exploit discovered vulnerabilities. To maintain a secure and sound environment, we offer managed Security Information and Event Management (SIEM) services for real-time analysis to detect threats before they are realized, as well as security threat intelligence, monitoring and alerting. Using Nanitor's security hardening platform, you immediately receive hardening recommendations as well as changes or anomalies to your security posture through security configurations. And by utilizing the managed intrusion prevention service and firewalls, your network is monitored in real time to detect and prevent threats. Finally, we certify your company and offer additional security improvements.

Our services


Personal Security Consulting

We build a relationship with our customers. SecureIT works closely with its customers and strives to provide outstanding professional services. Do you need help with security and / or compliance? Do you need to get a security audit or assessment? We have the skills, the know-how and the ambition to provide you with excellent services and we care about you. We want a long-lasting relationship with our customers. Your success is our success.

Compliance and Certifications

Do you need to comply with PCI-DSS, HITRUST or ISO 27001? SecureIT does your gap analysis and assesses your status, informs you what you need to do to comply with multiple standards and provides you with solutions to the discovered gaps. SecureIT provides compliance reports (e.g. PCI-DSS and HITRUST), security best practices, know-how and efficient solutions, roadmaps and support. We make sure you reach your security posture goal. And we certify your company!

Vulnerability Assessments

SecureIT assesses and identifies internal and external risks and vulnerabilities in your environment. SecureIT provides managed internal and external vulnerability scans using an Approved Scanning Vendor engine that meets compliance requirements, such as PCI-DSS. We conduct regular scans for you and categorize the results based on priority, relevance and estimated work to mitigate the discovered vulnerabilities. We provide recommended actions and the appropriate rationale as well as security best practices. Finally, we provide the necessary compliance reports. The services should be run on a continuous basis to identify issues as they arise. Are your website and IT environment secure?

Penetration Testing

While vulnerability assessments continuously identify and report on discovered vulnerabilities, penetration testing attempts to exploit the identified vulnerabilities. SecureIT performs several types of penetration testing, including network, web application and even social engineering tests and phishing attacks. We then go through the report findings, collaborate with you in resolving the issues identified and provide consultation when it comes to prioritization and risk mitigation. As for compliance, penetration testing is required on a regular basis, e.g. by the Payment Card Industry Data Security Standard.

Security Hardening Platform

SecureIT provides Nanitor's security hardening platform for all your devices. The platform continuously and actively monitors the security configurations of your company’s assets, including workstations, servers, network devices and major applications, based on recommended CIS (Center for Internet Security) benchmarks and controls. A security baseline is created within your company, and security incidents, missing security patches, user behavior and status are reported and can be sent to your SIEM. Intelligence is provided, e.g. for weakest link, misconfigurations and local and domain user analytics. Importance, severity, rationale and compliance applicability are provided.

Security Information and Event Management

The Managed Security Information and Event Management (SIEM) service consists of the 24/7 Security Operations Center managing historical and real-time security information and event analysis and correlation to identify patterns and trends to help prevent emerging threats before they occur; active threat intelligence, which is consistently updated from multiple internal/external security sources; and monitoring, alerting, and unified reporting.

Intrusion Prevention services

The Intrusion Prevention service provides threat intelligence and signature updates; monitoring, alerting, and reporting; customizable dashboards; vendor agnostic expertise; software updates and patches. The 24/7 Security Operations Center monitors your network in real time and detects and prevents threats!

Managed Firewall services

The 24/7 Security Operations Center tunes and optimizes your security infrastructure and provides continuous rule and patch updates; monitoring, alerting, and reporting; vendor agnostic expertise with best of breed security devices; and specialized recommendations for network infrastructure and architecture design.

Qualifications


  • Qualified Security Assessor (PCIP/QSA)
  • Certified HITRUST CSF Practitioner / CSF Assessor (CCSFP)
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Information Security Professional (GISP)
  • ISO/IEC 27001:2013 Lead Auditor
  • EC-Council Certified Ethical Hacker (CEH)
  • Cellebrite Certified Logical Operator (CCLO)
  • Cellebrite Certified Physical Analyst (CCPA)


Let's Get In Touch!


Ready to start your next project with us? That's great! Give us a call or send us an email and we will get back to you as soon as possible! References are available upon request.