wave of data

What We Do – Services

Leading edge solutions developed to help secure your environment. We guide you to better leverage existing technology investments to improve enterprise security posture.

"Trimarc Security Assessment Reports Provide Feasible, Actionable Recommendations"

Trimarc Security Assessments Improve System Security Posture

Trimarc security assessments uncover potential security issues and provide recommendations that customers can implement more quickly (without having to look things up on Google).

Our service offerings focus on reviewing and improving the security posture for each system we assess. Key to this is ensuring that any security recommendations we provide align with your business process and requirements. Trimarc works with you as a Trusted Adviser in improving your enterprise security.


 

Assessment Timeline & Process

Assessment timeline is typically 4 to 6 weeks depending on scoping - smaller environments typically take 3-4 weeks and large environments take around 6 to 8 weeks.
 

Prior to the assessment start, the Trimarc Operations Team will work with the customer to determine the best method to perform the assessment, either through remote access or a newer "contactless" approach we developed where the Trimarc team requires no connectivity or access to the environment.

 

The assessment process breaks down into 5 phases:

  • Phase 1: Initial Access / Receipt of Configuration Data

  • Phase 2: Configuration Data Validation

  • Phase 3: Initial Analysis & Report Writing
  • Phase 4: In-depth Security Posture Analysis
  • Phase 5: Internal Team & SME/QA Review & Final Report Preparation

 

Assessment Report

Trimarc's reports are what set us apart from the competition!

We have a rigorous report review process that can take up to a week to ensure that all potential security issues in an environment are explored, documented, and include feasible, actionable recommendations. This process ensures that every report is reviewed by a Subject Matter Expert (SME) after which the report is discussed with all Trimarc SMEs for that assessment type & at least one Red Team member to ensure nothing is missed.

Frequently Asked Questions

 

Q: What is the impact to Operations?

Trimarc designed our Security Assessments to be lightweight so that once we start the assessment, we only need a few hours of a customer's team.

 

Q: What rights are required to perform the assessment?
 

Trimarc Security Assessments only need read-only/view-only rights to the system being assessed.

 

Q: I'm concerned that after Trimarc completes the assessment and delivers the report, my team will have a lot of work to do. Is this true?

While we can't speak to a specific customer environment or situation, we can provide some information related to this question.

 

  • Trimarc customers are able to resolve over half of the High priority findings we discover in days to weeks, not months or years.

  • Trimarc customers are able to resolve over 95% of Critical priority findings in less than a day.

  • Trimarc customers are able to fix issues faster than other assessments due to the amount of detail we include in the report.

  • Trimarc customers find it is easier to have Trimarc perform an assessment sooner rather than later since Trimarc provides an effective roadmap of what to resolve first and what can wait for later.

 

Q: My environment is very small, will the assessment really require 4 weeks?
 

While it may be possible to reduce the amount of time it will take, our standard assessment process is very detailed which results in the most comprehensive security assessments on the market. In some cases, Trimarc provides a "Security Review" instead of a "Security Assessment" which is less involved, doesn't include all the detail and analysis of the assessment, and therefore takes less time.