10/6/2021

Introduction to TestifySec

Author: Cole Kennedy

A person standing on a mountain top
  1. Supply Chain Security: The foundation of any system is its supply chain. Recent attacks have shown a need to approach supply chain security differently. Mikhail and I are leading that effort with our work in the CNCF. We are ready to bring the latest guidance from the CNCF and Open Source Security Foundation to secure your enterprise. Our reference architecture aligns with SLSA Level 4, providing the strongest security available from source to production.
  2. Public Key Infrastructure: In our systems, we design security boundaries around private key material. We understand how to create zero-trust networks and systems with cryptographic guarantees.
  3. Policy As Code: Defining organizational policy as code is essential to maintaining agility while making a DevSecOps transformation. Our team understands how to decompose complex organizational policy into automation, reducing friction across your enterprise.
  4. Cloud-Native Security: Securing modern systems requires a team with experience in Cloud Native systems. Every one of our engineers is a Kubernetes Certified Administrator. We leverage containers and Kubernetes to provide predictability and consistency in systems. In addition, we provide an out-of-band method for securing your workloads and data, reducing the risk of using new and open-source technology.

Success Methodology

Our engineers follow a proven formula to ensure your security transformation.
  1. Discovery: Our architects and engineers will meet with your security and engineering team to understand your business concerns and risks.
  2. Assessment: As a product of the discovery phase, our team will deliver an infrastructure security assessment and draft architecture that meets your organization's needs.
  3. Delivery: Our team of engineers and partners will be ready to deliver the architecture in an agile manner. We have years of experience delivering on projects while working remotely. At no point will you not know status and progress of your project.
  4. Sustainment: We provide support solutions to meet your ongoing needs, from virtual training to incident response.
  5. Custom Solutions: We will lower your overall management cost by developing custom software that allows your organization to manage their network, user, and workload security specific to organizational needs, integrating with existing enterprise systems.
We look forward to securing your organization's most critical systems.
-Cole and Mikhail

Founders

Cole works with some of the largest organizations in the world to implement and mature Zero-Trust and software supply chain practices. His work has been featured at multiple conferences including KubeCon, and GitLab Commit. He is an open-source contributor and is a co-author of the CNCF Best Practices Paper. He is a decorated Iraq and Afghanistan combat veteran that understands how to execute a mission.
I Mikhail is a technology leader with expertise spanning the entire software development life-cycle including full-stack development, agile/scrum project management, systems architecture, and DevSecOps. At TestifySec, Mikhail focuses on enabling modern software development and cyber-security for clients in national defense, critical infrastructure, financial services and enterprise IT/OT.