News & Events

Stay up to date with the latest information related to GuidePoint Security news and events, along with the latest Cyber Security news.

 

GuidePoint Security Placed on CRN MSP 500 List for Excellence in Managed IT Services

GuidePoint Security recently made their debut on CRN’s elite 2017 Managed Service Provider 500 (MSP) list in the Managed Security 100 category.

The prestigious annual list is comprised of organizations that have demonstrated excellence in their Managed IT services and North American solution providers with cutting-edge approaches to delivering managed services. Their offerings help companies navigate the complex and ever-changing landscape of IT, improve operational efficiencies, and maximize their return on IT investments.

“GuidePoint’s vSOC Managed Security Services have experienced tremendous growth over the past two years and our inclusion on this list validates that the market is taking notice,” noted Justin Morehouse, GuidePoint Security’s Co-founder and Principal.

“We pride ourselves on our World Class customer satisfaction rating and believe that we are truly advancing the industry through our innovative approach to partnering with our customers to achieve their mission,” Morehouse said.

He cited GuidePoint’s exclusive managed services, Virtual Security Operations Center (vSOC) as one the best examples of the team’s coordinated efforts to level the playing field in terms of providing a customized solution that fits all budgets and organizational sizes, while identifying threats and vulnerabilities and creating a safer cyber environment.

“Managed service providers play an increasingly important role in the day-to-day operations of businesses across North America,” said Robert Faletra, CEO of The Channel Company. “MSPs help organizations streamline their spending, effectively allocate limited resources, and benefit from advanced expertise in the latest technologies. We congratulate the service providers on CRN’s 2017 MSP500 list, who have continually succeeded in meeting their customers’ changing needs and help them get the most out of their IT investments.”

CRN’s MSP 500 list shines a light on the most forward-thinking and innovative of these key organizations.

The list is divided into three categories: the MSP Pioneer 250, recognizing companies with business models weighted toward managed services and largely focused on the SMB market; the MSP Elite 150, recognizing large, data center-focused MSPs with a strong mix of on-premise and off-premise services; and the Managed Security 100, recognizing MSPs focused primarily on off-premise, cloud-based security services.

CRN® is a brand of The Channel Company.

The MSP500 list is featured in the February 2017 issue of CRN and online at www.CRN.com/msp500.

©2017. The Channel Company, LLC. CRN is a registered trademark of The Channel Company, LLC. All rights reserved.

GuidePoint Security showcases vSOC technology at RSA 2017

Forward thinking security professionals recognize that the current progression and magnitude of cyber threats is insurmountable for the understaffed security industry to effectively tackle.

There is, however, a solution.

Join GuidePoint Security for an informative Virtual Security Operations Center (vSOC) presentation at RSA 2017. During the vSOC presentation, you’ll learn about how GuidePoint’s managed security services can assist you with identifying threats and vulnerabilities through detection, response, and recovering from validated incidents.

Presentation Location: CrowdStrike Booth #2345, South Hall
Presentation Days/Times: Tuesday, 12:30 p.m. and Wednesday and Thursday, 11:30 a.m.

GuidePoint Security’s vSOC analysts and incident responders, supported by CrowdStrike Falcon Host, offer best-in-breed endpoint protection. Together, they offer one of the most comprehensive around-the-clock endpoint and security monitoring solutions on the market – all with the efficiency and scalability of cloud-based security management.

GuidePoint’s vSOC ingests Falcon Host platform data into the vSOC Detect monitoring platform, powered by Splunk. By monitoring endpoints and correlating endpoint data against other security-related information, vSOC analysts actively hunt for and discover new and emerging threats.

If you can’t make the presentation in the exhibit hall, our team will offer free, private demonstrations of our vSOC. All you have to do is sign up, and a GuidePoint representative will be in touch to set up a time to meet with you during the RSA Conference. Register now for your exclusive vSOC demo.

Not attending RSA or don’t have time to visit with us? You can register for our webinar, Stay Ahead of Adversaries Using Next-Gen Endpoint Security, on March 9th.

GuidePoint’s Expertise Supports Your Organization’s GSA HACS Contract Needs

Imagine this: Your network is compromised with outbound connections sending data to foreign countries, and your information security team has no idea.

That’s exactly what GuidePoint Security’s analysts and incident responders discovered while actively cyber hunting for a new client in our Virtual Security Operations Center (vSOC).

Our professionals discovered open connections to more than 30 foreign countries, even though the client had no foreign interests or customers. Using Splunk’s Enterprise Security application, our team put its geolocation capabilities to work and created a map to illustrate all the foreign locations that successfully received this data.

When we alerted the client to the connections, we used the map to show the extent of the compromise. The client agreed to implement egress rules on its firewalls to limit destinations for data transfers, as well as country-blocking technologies in its perimeter security appliances to deny connections to foreign countries. By working with GuidePoint, the client narrowed the scope of who has access to its enterprise network and improved its overall security posture.

This real-world example of cyber hunting for data exfiltration is one of the many ways GuidePoint can support your organization with your General Services Administration (GSA) Highly Adaptive Cybersecurity Services (HACS) contract needs.

GSA recently awarded GuidePoint all four HACS Special Items Numbers (SINs), including, 132-45C: Cyber Hunt. The others SINs include: 132-45A: Penetration Testing; 132-45B: Incident Response; and 132-45D: Risk and Vulnerability Assessment.

With these SINs, GuidePoint’s subject matter experts can help your organization with all of your information security needs. As a federal or state/local government client, your organization will have:

  • Access to pool of technically evaluated cybersecurity vendors
  • Rapid ordering and deployment of services
  • Reduction in open market ordering and contract duplication
  • Cybersecurity/acquisition support resources from GSA

For more information about how GuidePoint has helped clients, download the full text of our SINs Use Cases.

For additional information and pricing on our IT professional and cybersecurity services, visit https://www.guidepointsecurity.com/contracts.

GuidePoint’s Annual Social Hour Kicks Off RSA 2017

Attend our social hour or schedule a vSOC demo with us while you’re at RSA

Will you be in San Francisco Feb. 13-17 for RSA 2017? We’re looking forward to connecting with you!

Join GuidePoint Security for a fun and informative social hour on Monday, Feb. 13. It’s a great start to the week, and you’ll have a chance to meet and interact with some of the industry’s leading information security and cybersecurity professionals.

The social hour begins at 6:30 p.m. at Town Hall Restaurant, 342 Howard St. in San Francisco. The event, which continues through 8:30 p.m., is free, but you’ll need to register in advance. Click here to register now.

More than 45,000 people typically attend the RSA conference each year, and it’s a great time to learn more about the many ways you can protect your organization and stay ahead of cybersecurity issues and threats.

While we’re there, our team will offer free, private demonstrations of our Virtual Security Operations Center (vSOC). All you have to do is sign up, and a GuidePoint representative will be in touch to set up a time to meet with you. Register now for your exclusive vSOC demo.

During the vSOC demonstration, you’ll learn about how GuidePoint’s managed security services can assist you with identifying threats and vulnerabilities through detection, response, and recovering from validated incidents.

To sign up for our social hour at Town Hall Restaurant on Feb. 13 or to register for a vSOC demo during the conference, visit http://go.guidepointsecurity.com/rsa-social-hour-2017.html.

To learn more about the RSA conference, visit https://www.rsaconference.com/events/us17/about.

About GuidePoint Security
GuidePoint Security LLC provides innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their missions. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com.

GSA awards GuidePoint all four Highly Adaptive Cybersecurity Services SINs

The General Services Administration (GSA) has awarded GuidePoint Security all four Highly Adaptive Cybersecurity Services (HACS) Special Item Numbers (SINs) on IT Schedule 70.

According to GSA, Schedule 70 is the largest, most widely used acquisition tool in the federal government. As an indefinite delivery/indefinite quantity (IDIQ) multiple award schedule, it provides direct access to products, services, and solutions from more than 4,700 certified industry partners.

The GSA HACS SINs recognize GuidePoint’s superior information security capabilities in support of the President’s Cybersecurity National Action Plan (CNAP) and the Cybersecurity Strategy and Implementation Plan (CSIP).

GuidePoint underwent a lengthy and rigorous evaluation, which included submission of numerous written documents as well as oral technical interviews.

“This was a comprehensive review of GuidePoint and our services,” Jim Quarantillo, GuidePoint’s Federal Partner, said. “Our team did an outstanding job explaining how our skilled professionals and technical expertise improve the overall information security integrity for our clients. Federal agencies, as well as state and local government agencies who work with us, will have confidence that we have been thoroughly vetted and are a superior option for all of their cybersecurity needs.”

The SINs are for:

  • 132-45A Penetration Testing: Security testing that mimics real-world attacks to identify methods for circumventing security features of an application, system, or network.
  • 132-45B Incident Response: Services to help organizations impacted by a cybersecurity compromise determine the extent of the incident, remove the adversary from their systems, and restore networks to a more secure state.
  • 132-45C Cyber Hunt: Responses to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats. Cyber Hunt activities start with the premise that threat actors known to target some organizations in a specific industry, or specific systems, are likely to also target other organizations in the same industry or with the same systems.
  • 132-45D Risk and Vulnerability Assessment: Assessments of threats and vulnerabilities, determines deviations from acceptable configurations, enterprise, or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations. This SIN offers network mapping, vulnerability scanning, phishing assessment, wireless assessment, web application assessment, Operating System Security Assessments (OSSA), database assessment, and penetration testing.

“The Office of Management and Budget (OMB) will work closely with agencies to encourage them to buy cybersecurity services through IT 70, and OMB will partner with GSA to provide new capabilities and add more vendors as these SINs evolve and grow more robust in their offerings,” said Tony Scott, Federal Chief Information Officer, when the new SINs were announced.

With the SINs, GuidePoint’s subject matter experts will be available to support these agencies for all of their information security needs. Federal and government clients will have:

  • Access to pool of technically evaluated cybersecurity vendors
  • Rapid ordering and deployment of services
  • Reduction in open market ordering and contract duplication
  • Cybersecurity/acquisition support resources from GSA

For more information about HACS SINs, visit http://www.gsa.gov/portal/content/151154.

About GuidePoint Security
Headquartered in Herndon, Virginia, GuidePoint Security provides innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their missions. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com.

Attackers can harm, steal your data with a ‘simple act’ of spear phishing

It seems innocuous enough. A simple email. Maybe it looks like it’s from someone you know; maybe it looks like it’s from an organization you interact with.

There’s a link, baiting you to click for what’s beyond. Or maybe there’s an attachment and it seems important enough to open to see what it’s about.

And then you do it. With a single click, a single download, you open the door for an attack. If you’re on a company computer or device, you may even put your entire agency at risk.

“The most devastating attacks by the most sophisticated attackers almost always begin with the simple act of spear phishing,” Homeland Security Security Jeh Johnson said recently while speaking at the Financial Crimes and Cybersecurity Symposium.

While phishing campaigns aren’t new tactics, attackers are now using phishing scams to launch an alarming number of ransomware attacks.

“A lot of people still aren’t clueing in to just how dangerous clicking links or accepting downloads from unknown sources can be,” Dave Low, director of Technology Solutions for GuidePoint Security, said.

Low was a recent presenter in a webinar with RSA that highlighted some of the many ways attackers compromise systems. He also discussed tools and strategies to keep your organization’s systems and data safe. Missed it? You can catch a recording here.

“While clicking links or downloading attachments from unknown sources can have monumental consequences on personal devices, the same behaviors on a device linked to a business or organization can wipe out an entire network, halting business, putting data at risk, and compromising reputations,” Low said.

That could be what happened to the San Francisco Municipal Transportation Agency (SFMTA) when its systems were infected by ransomware on Nov. 25. Malware encrypted the agency’s office computers and limited access to several systems.

The attack disrupted SFMTA operations, forcing the company to turn off ticket machines and open fare gates that weekend. Commuters got free transportation, but the agency ended up with a lot of headaches and extra work.

“The SFMTA network was not breached from the outside, nor did hackers gain entry through our firewalls,” Kristen Holland wrote in an SFMTA blog after the attack. “Muni operations and safety were not affected. Our customer payment systems were not hacked. Also, despite media reports — no data was accessed from any of our servers.”

Infected machines displayed the message, “you hacked, ALL data encrypted.” SFMTA was instructed to pay 100 bitcoin, about $73,000, to unlock their systems. Holland said SFMTA never considered payment and instead rallied around the clock to restore backups.

The SFMTA attack and other reports of agencies and individuals being locked out of systems following spear-phishing and ransomware attacks highlight the importance of maintaining backups and never clicking links or downloading files from unfamiliar sources, Low said.

GuidePoint can help you protect your organization’s environment and reduce your risks of attacks by analyzing your existing environment for possible vulnerabilities, and helping you build a customized information security plan to keep your systems and data safe. For more information, contact GuidePoint today at (877) 889-0132 or visit www.guidepointsecurity.com.

About GuidePoint Security
GuidePoint Security LLC provides innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their missions. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

Fast-growing information security provider recruiting top cyber talent and other positions

GuidePoint Security, one of the fastest-growing companies in America, is looking for information security professionals and related support staff to join its award-winning team.

In 2016, Inc. Magazine recognized GuidePoint as the No. 5 Fastest-Growing Cyber Security company in the nation and one of the overall fastest-growing companies in both Virginia and the Metro-D.C. area.

With an impressive three-year growth at nearly 1,300 percent, GuidePoint has a multitude of open positions to help support its ever-expanding governmental and commercial client base.

“We attract top talent because we’re focused only on information security,” Michael Volk, GuidePoint’s Founder and Managing Partner, said.

GuidePoint’s successes, Volk pointed out, are rooted in the leadership team’s focus on finding the right people and the right talent; and creating an environment that enables them to flourish, to take chances, and never be satisfied with the status quo.”

“If our team members don’t try to exceed themselves and feel they don’t have the ability to take a chance, we are failing as a leadership team. We want innovative thinking. We want them to go the extra mile, and if sometimes that doesn’t work out, we learn from it and we grow from it.”

Click here to hear more from Volk about what makes GuidePoint a great place to work.

GuidePoint offers medical, dental, and vision insurance with generous employer contributions, eligibility for 401K after six months of employment, and competitive salaries and other benefits. Current career opportunities are available in engineering, executive management, managed services, project management, and sales.

GuidePoint is consistently honored as one of the best and fastest-growing information security companies. Some of its many awards include:

To learn more about GuidePoint, why it’s a great place to work, and to see current openings, visit our Careers page.

About GuidePoint Security
Headquartered in Herndon, Virginia, GuidePoint provides innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their missions. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com.

Attackers use common tools to hide among network activity

Free webinar highlights strategies to stop them before they damage your network, steal sensitive data

After attackers hit the Democratic National Committee this summer, several information security teams concluded they used a variety of persistent methods and several PowerShell exploits to pull off the attack and steal documents.

PowerShell is part of the Windows operating system. Exploits allow attackers to execute commands on remote computers. The malware is often disseminated through click bait or spam emails, and most endpoint security programs don’t detect PowerShell malicious intrusions.

“Today’s attackers use advanced techniques and tools to compromise systems and hide among normal activity,” Dave Low, director of Technology Solutions for GuidePoint Security, said. “PowerShell-based attacks are very difficult to detect using a logs-only approach. This can lead to theft of sensitive information, disruption of business operations, or destruction of assets and damage to your business’ reputation.”

Learn more about the PowerShell exploit and other ways attackers try to compromise your systems during a free webinar 1:30 p.m. Eastern Wednesday, Dec. 14.

While most computer users today know it’s risky to click on links and download files from unknown sources, malicious links and downloads continue to be a challenge for information security teams, analysts, and incident responders, Low said.

The challenges are often exacerbated by security teams’ limited time and resources, and further complicated by a growing number of devices connected to the internet.

Unsecured Internet of Things (IoT) devices are increasingly used for malicious purposes, like the October Distributed Denial of Service (DDoS) attack against domain registration company Dyn. That attack enlisted up to 100,000 malicious endpoints to slow down connections to popular websites like Amazon, Twitter, Spotify, and more.

Attackers used Mirai-based botnets on IoT devices for the large-scale Dyn network disruptions. Recently, a new Mirai worm knocked nearly a million German Deutsche Telekom customers offline, and affected customers for Post Office broadband and TalkTalk in the United Kingdom.

Powershell exploits, phishing, ransomware, and the Mirai worm are just a few of the many ways attackers try to gain access into your environment. At 1:30 p.m. Eastern Wednesday, Dec. 14, Low and Michael Godin, senior systems engineer for RSA, will talk about these tactics during a free interactive webinar, “Threat Hunting Lessons: Adversary Tools, Tactics, and Procedures.”

They’ll share real-world examples of attackers’ tactics, and will highlight tools and strategies analysts and incident responders can use to hunt for attacks before they cause damage. Register here now.

They’ll also explain how a Security Operations Center (SOC) can protect your organization by increasing your security team’s efficiency and encouraging active hunting. Low and Godin will explain how an effective information security plan and the right technology can help your team stop, think, and respond to threats quickly and calmly.

For more information, check out the webinar details here. Can’t make it? No worries. Go ahead and register and you’ll receive a recording after the webinar.

About GuidePoint Security
Headquartered in Herndon, Virginia, GuidePoint provides innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their missions. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com.

GovStar Logo

GuidePoint Security wins 2016 GovStar Star Performer Award

GuidePoint Security is the 2016 Washington SmartCEO GovStar Award winner in the Star Performer Large category.

GovStar awards honor Washington-area government contractors that demonstrate excellence in government contracting.

SmartCEO honored GuidePoint and other GovStar finalists during a special ceremony Nov. 21 at the Hyatt Regency Reston. More than 500 area executives and guests attended to celebrate winners in each GovStar category. GuidePoint and the other finalists will be profiled in SmartCEO’s November/December issue.

“We are honored to be the 2016 Star Performer winner in the Large category,” said Michael Volk, GuidePoint’s Founder and Managing Partner. “We take a lot of pride in the work we do with our government clients. Our team is committed to helping them meet their objectives.”

According to SmartCEO, the 2016 GovStar finalists collectively generated more than $6.5 billion in annual revenue and employ more than 27,000 individuals in Greater Washington.

“The government contracting industry is one of the most complex and competitive business sectors in the world,” said Jaime Nespor-Zawmon, president of SmartCEO. “But day in and day out this year’s finalists come to work with the passion to not only build great businesses but also serve their country, protect U.S. citizens, and drive innovation in healthcare, technology, and communications. They are inspirational, patriotic, and driven to succeed. We are honored to recognize them for their achievements.”

Earlier this year, GuidePoint won a SmartCEO Future 50 award as one of the region’s fastest growing mid-size companies. Last year, GuidePoint was a finalist in the 2015 SmartCEO GovStar Awards in the Industry Star category.

Among other honors garnered by GuidePoint this year are:

  • No. 3 Washington Business Journal Security Technology Companies list
  • No. 5 Top Security Company Inc. 5000 List
  • No. 14 on CRN Fast Growth 150 List
  • No. 19 Top Virginia Companies Inc. 5000 List
  • No. 22 Top Washington, D.C. Companies Inc. 5000 List
  • No. 30 Washington Business Journal Fastest Growing Companies list
  • No. 308 overall 2016 Inc. 5000 List
  • Trending 40’s D.C.’s Red Hot Companies list
  • F5 Federal Partner of the Year
  • No. 192 on CRN Solution Provider 500 list

About GovStar Awards

The GovStar Awards program honors local government contractors for technology innovation, workplace environment, growth, veteran support, and impact on the industry and the marketplace as a whole. The GovStar program recognizes the many commendable attributes of Greater Washington-area companies striving for excellence in this complex and competitive sector. Each year, an independent committee of local business leaders selects the winners based on their growth, innovation, corporate culture, veteran support, and industry impact. For more information about the awards, visit www.smartceo.com/washington-govstar.

About GuidePoint Security

GuidePoint Security LLC provides innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

Trending 40

Trending 40 says GuidePoint is Red Hot

GuidePoint Security is one of D.C.’s Red Hot Companies.

The latest honor is from Trending 40, an events program that recognizes and celebrates D.C.-area talent from technology, legal, associations, and corporate communities.

Trending 40 honored GuidePoint and other businesses that made the fastest-growing companies list during a special ceremony Tuesday, Nov. 15, at 1776-Crystal City in Crystal City, Virginia.

“When we founded GuidePoint in 2011, we knew we had something special,” Michael Volk, GuidePoint’s Founder and Managing Partner, said. “Awards like this are a testament to the drive our team has to be the best cyber security solution provider in the market, not just in terms of sales and growth, but in outstanding customer support and satisfaction. Each year as GuidePoint grows, it reflects our commitment to continually exceed our customers’ expectations and work with them to meet all of their information security needs.”

According to Trending 40, “DC has been a hotbed of activity in tech, hospitality, real estate, life sciences, healthcare, and nonprofits in recent years. It’s time to celebrate the success of many of these great companies.”

This honor is among several GuidePoint has garnered this year. In addition to making the Trending 40 list, in 2016 GuidePoint has earned:

  • No. 3 Washington Business Journal Security Technology Companies list
  • No. 5 Top Security Company Inc. 5000 List
  • No. 14 on CRN Fast Growth 150 List
  • No. 19 Top Virginia Companies Inc. 5000 List
  • No. 22 Top Washington, D.C. Companies Inc. 5000 List
  • No. 30 Washington Business Journal Fastest Growing Companies list
  • No. 308 overall 2016 Inc. 5000 List
  • SmartCEO Future 50
  • F5 Federal Partner of the Year
  • No. 192 on CRN Solution Provider 500 list

About GuidePoint Security
GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.