Re: Security Assessment Vendor

[WALTER KERNER <walter_kerner () FITNYC EDU>]

There is a smaller company headquartered in upstate NY called Grey Castle.
They did some excellent work for us, make risk-balanced recommendations,
and are priced at a point that understands the budget situation in Higher
Ed.  I would definitely contact them.







Walter Kerner

AVP and CISO

[image: blue]

333 7th Avenue, 13th Floor

New York, NY 10001

Voice: 212-217-3415



*From:* The EDUCAUSE Security Constituent Group Listserv [mailto:
SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *David Stack
*Sent:* Wednesday, April 18, 2018 8:55 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Security Assessment Vendor



We’ve had engagements with Stroz Friedberg for security assessment,
penetration testing, security program development and incident forensics.



We’ve been quite impressed with everyone on the team and the quality of
their work.



— David



David Stack

Interim Associate VP & CIO

University of Wisconsin System

dstack () uwsa edu



*From: *The EDUCAUSE Security Constituent Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU> on behalf of "Bumpas, Shana" <
sbumpas () RICHMOND EDU>



Good Morning,



I am looking for a vendor to do a threat assessment of our environment.
 Mandiant is the first vendor that comes to mind.  Does anyone have
experience with Mandiant and if so, how was it?  Are there any other
contenders worth a look?  Thank you.



Best regards,

Shana Bumpas

Director of Information Security

University of Richmond

804-289-8655

sbumpas () richmond edu