Our Professional Alliances

Briq Haus Ltd. Security & Intelligence interfaces and contracts with other services and professionals to create customized security intelligence solutions in the four domains: Physical, Logistical, Analytical, and Digital. Our pursuit of excellence expands our social and professional business networks to reach across a broad spectra, allowing the option to choose specific products or services to write into a Perfect Security Suite per client specifications.

In our efforts to expand our brand awareness and recognition, Briq Haus Ltd. has the privilege and honor of connecting with seriously security-minded professionals with a variety of backgrounds in intelligence, military / task-force, and information technology. It is to these esteemed professionals I personally defer for their expertise in their relevant niche fields, and while I aim to promote their services and herald their talents, I am also announcing their professional alliance to Briq Haus Ltd. systems integration approach at creating larger and more comprehensive security plans and operations.

Waveman Solutions is our newest ally, and a longtime mobile security and personal security consultant in the Nigerian theatre.

WavemanSolutions

Always In Tao provides our system administrator level defensive posture and secure coding operations.

Image may contain: text

ShadowNet Hosting is our secure Indian server provider and DDoS mitigation specialist.

Capture

5X5 Security is our outsider with insider privileges, providing secure logistical on-call support and consultation for special cases.

 

Challenging Security Limitations: White vs. Black Box Testing & Real Risk

1_briq_haus_ltd_38_special_logo_ad_graphic

I awoke in the middle of the night. It was the witching hour, 3am! Rapidly behind my lowered eyelids pie-graphs and charts explaining esoteric security concepts flashed in sequence, but I was too groggy to retain everything I learned. Why I am chosen for this sort of lucidity, I will never understand. This article is an attempt to best re-create the deeper concepts I received in that vision, but a week has elapsed since that night and therefore I have mostly forgotten everything. I’ll just have to wing it.

White Box Vs. Black Box

The article I have linked above describes the difference between the security, and/or software testing procedure in which internal elements are either known or unknown by the testers. The benefits of knowing the internal workings in a test allow for a more thorough and rigorous approach to each and every individual node or aspect of the subject, whereas a Redteam performing an unknown or Black Box test may not strike upon every single nuance built into the system, but may however come up with something heretofore unknown. The Black Box test is conducted exclusively by third-party security or testing professionals, which is requisite due to their specific insights into security penetration and access. For these reasons, it is considered a “low-level” test which is also known as an integration or unit test. It is conducted, in other words, from the outside working inward.

White Box tests are conducted usually by software developers or some part of the internal staff working on the project or overview. White Box tests are considered high-level tests also called system or acceptance testing. These tests are intended to fully air-tight the system after the beta-testing bugs have been detected and eliminated. The benefits of thorough White Box testing are thoroughness, insofar as the team knows the way the program or plan “should” work and can therefore test against this ideal. An internal team conducting this type of test knows the code (or building scheme; what have you), and therefore possesses an eagle-eye’s view of the entirety of the subject’s workings.

So Which Is Better For Your Company?

Before I answer this question for you, ask yourself:

  1. Do I have an internal team already providing White Box testing?
  2. Are they specifically hired for testing, or did we just divert Sheila and Burt from engineering over there to do another bug-sweep? (Remember what happened in the 1986 film Aliens.)
  3. If you have a specific internal team for testing, are they getting on well with engineering? Do they have a working rapport and are able to comprehend each other effectively leading up to the testing phase?
  4. Did you seek professional consulting from a specialized security Redteam?
  5. If you did not answer YES’ to each of the above questions, you and your company are not necessarily ready for what I am about to reveal to you in the next section.

Attrition Theory

I am not a mathematician however I think you can get behind me on this.

x/a – y/b = (+, – = successful, unsuccessful)

Attrition Theory basically asserts that given company with resources (personnel, training level, security architecture, security equipment, surveillance, etc.) when attacked by competitor (or OpFor) with resources y, a simple subtraction is necessary to determine who is successful in the attack. If the OpFor is willing to invest enough time and resources into their raid on company a, their success will be indicated by the result being a negative number, having taken the amount of invested resources from company into the red.

Is your company ready for your competitor or OpFor to outbid you on your willingness to invest in preventative security measures? Following a breach, it may be too late to save face so insurance, or the ability to clean up after the fact, is just not going to be enough.

Now to answer the question I asked before: Which sort of test is better?

Chew On This

So your internal team designated another internal team to do the testing. Ok. So the engineers got with the testers and did a Power Point powwow. Sure. So then after that you decided you still thought it would be wise to get an outside team to consult. Good. They do their scans and don’t really provide any insight beyond the scope of the White Box team, but good on you for checking. So you’re awesome, right? Invulnerable!

BRIQ | HAUS LTD. SECURITY & INTELLIGENCE has the guts to ask you these hard questions:

  1. How secure is your facility/program in case of a fire drill? Do you have protocols in place to handle securing end-user’s data BEFORE they flee the scene?
  2. What about in case of a REAL FIRE. And are you willing to test this in a non-drill scenario to absolutely ensure your security protocols work?
  3. Is your staff alerted to the higher danger of active shooters, like the scenario recently at YouTube? If so, do you again have a plan in place to protect end-user data from a potential shooter or *gasp* terrorist attack?
  4. What about acts of God like locusts, plague, or you know, floods? Are you guys going to not only get out of the building safe, but will you be able to stop Boris & Natasha from killing Moose’n’Squirrel during the disaster? For the OpFor, luck is when preparedness meets opportunity.
  5. If you didn’t answer ‘YES’ to each of the above questions, you need to contact us at BRIQ | HAUS LTD. SECURITY & INTELLIGENCE and immediately schedule consultation. Our information technology and intelligence community professionals know things that can protect your bottom line, so you can stop worrying about all the hard realisms I just threw at you.

My name is Robert Brooks Authement, owner and operator of Briq Haus Ltd. I think like the bad guys so you and your team don’t have to. If you think these insights can be of assistance to you and your company, please consider me and my team at your service.

kinopoisk.ru

 

Briq Haus Ltd. Elemental Security Services

purple-abstract-technology-and-engineering-motion-background-with-plexus-elements-and-depth-of-field-settings-3d-rendering_sztnzo3dx_thumbnail-full02

Briq Haus Ltd. Security & Intelligence intends to contract and interface with other services and professionals to create customize physical, logistical, analytical, and digital solutions for our clients while developing innovation at a physical headquarters. This is our mission statement, a principle to which our team of international information technology and intelligence community professionals adhere with the utmost confidence and dedication. Our combined skills and knowledge in the security realm are fueled by research, and powered by experience in the field. Whether your needs require research, investigation, security-as-a-service, infrastructural analysis, special operations, cloud or parallel computing, radio transmission, aerial or ground surveillance, anti-drone or radio jamming, penetration testing, security redteaming, we got that handled. Listed below, for simplification, are our main three tiers of service which is immediately marketable to a majority of companies in all sectors.

“Perfect Security Suite”

As security professionals, we know one truth about security; that it is never invulnerable. And as such, we aim to create the “Perfect Security Suite” for you and your affiliates by listening and recording with precision your specific security concerns, and then devising the most perfect fitting combination of solutions to protect your assets.

This would entail enumerating the specific security needs into the four domains of security and devising a strategy, compiling the tools, and assigning the correct professional to handle your requirements. This is something Briq Haus Ltd. can do with a high-powered surety of completion, and competitive pricing and term contract which entirely customized to meet your needs.

While no security plan or design is invincible, by contracting with Briq Haus Ltd. you can be sure that the security services and analysis we provide are absolutely perfect.

Guidelines & Compliance Assurance

FISMA, HIPAA, SOX, ISO 17799, and GLBA??? The list goes on and continues to expand in depth and breadth as the dynamic technology presently occupying the field has different operational procedure and similar compliance requirements. What about securing IoT devices? What about Crime Prevention Through Environmental Design? It can become infuriating and overwhelming for you and your team’s business operations to have all of these incredibly complex issues covered in the satisfactory means which cover the requisite compliance guidelines set forth by the powers that be.

Briq Haus Ltd. has at the ready a team of tried and true security professionals ready and available to patch any vulnerabilities in your plan, and get you up to speed with the exact compliance guidelines and specifications you need to move forward. Just let us know what you need, we’ll huddle up and devise the right approach and implementation to get you above and beyond the compliant requirements.

Staff & Management Training

This is where we foresee an overwhelming response to our efforts as security providers. The numbers are in and a staggering 70% of employees (and employers!) in all sectors are lacking even the most basic information security training. Security starts at the perimeter and extends into the very hearts of your staff and management; social engineering and the insider threat is a very real and serious challenge in today’s dynamic. Not only can we offer on site training for your own security team, in terms of intelligence community tradecraft in identifying inside threats, but we can produce videos to sell to your firm as per our contract.

Don’t be a victim to spear-phishing/dumptser-diving outsiders and tailgating/shoulder-surfing insiders. Contract with Briq Haus Ltd. Security & Intelligence right now, and take comfort in knowing that we are 100% expert in this field because we have all performed these nefarious deeds on a regular basis as part of our baseline security auditing process! You won’t need to worry about the bad guys if you hire us, because we’ll teach you and your team in a multi-layered tiered approach to raise the standard for your information and other security means. Our experience with local and Federal government and background in military and intelligence operations are our pledge of excellence.

Other Services

If you need it done, we have the extensive networking which reaches into the Southeast Asian, Western European, Northern African, and Middle Eastern theatres. Above are listed what we foresee being our highest demands in terms of commercial applications, however for special work and contracting, please e-mail your case details and we’ll take care of you.

Respectfully,
Sir Robert Brooks Authement
mailto:briqhausltd@gmail.com