Blue Bastion was founded in 2017 as a division of Ideal Integrations, a local managed service provider and value-added reseller. Our team saw the threat landscape begin to rapidly evolve and knew that most businesses did not have the time nor resources to keep up. The foundation of the Blue Bastion services include Managed Detection and Response (MDR), Incident Response/Blue Team Services, and Forensics. In 2021, Blue Bastion added a Vice President of Offensive Security to overhaul and expand our Offensive Security Practice. As cyber security has become more complex, we have found that it is imperative to be proactive rather than reactive. Penetration Testing is one of the most common offensive security exercises. This type of testing involves simulating a cyber attack to locate weaknesses and vulnerabilities within an organization. It is designed to emulate real world risks and test an organization’s response to those risks. Penetration Testing is often a common practice to satisfy compliance requirements, as they may dictate a certain level of testing. The ISO 27001 standard, for example, requires all managers and system owners to conduct regular penetration tests and security reviews, with skilled testers. Another component of Offensive Security is Red Teaming with Adversarial Threat Emulation. Red Teaming is the practice of testing the security of an organization’s systems by attempting to hack them. A Red Team’s role is to emulate a genuinely malicious actor with the intention of breaking into an organization’s systems. The organization might have an extremely well-developed penetration testing process, which provides a confidence that the systems can’t be breached by external actors. The Red Team would take note of this and would take a more direct approach: (i.e.) forging an employee access card, walking into a corporate building and advising the on-site staff that the Red Team is “from IT.” In some cases, unknowingly “helpful” employees will let the Red Team access, copy, and exit the building with sensitive data. Red Team operations differ from that of Penetration Testing as they have more narrowed objectives with a simultaneous approach. These operations often involve an increase in personnel, resources and time, as the Red Team is chartered with digging deeply to fully understand the realistic level of risk and the vulnerabilities of an organization's technology, human, and physical assets. Red Teams also work in conjunction with Blue Teams. As the Red Team determines vulnerabilities and methods to break-in to an organization, the Blue Team counters the attacks and develops better defenses against them. After the Blue Team builds these defenses, the Red Team tests again, providing for a continuous cycle. Developing a relationship with Blue Bastion ensures that an organization will have a long-term security strategy providing business protection. We offer sustainable services that can be replicated from year-to-year, allowing progress to be both tracked and documented. Blue Bastion, as part of Ideal Integrations, has the unique perspective of understanding all aspects of IT: providing Security solutions as well as Managed Services (Infrastructure, Disaster Recovery, Business Continuity). The Blue Bastion team understands that typical IT Departments tend to build teams, processes, budgets and priorities to ensure service delivery. Cybersecurity Departments, by contrast, see the world through the lens of risk mitigation, risk management and cybersecurity oversight. It is important that these departments work in conjunction with one another, keeping in mind best practices in operations while also being secure. The modern Information Technology landscape is now marked by such technologies and functions as analytics, automation, IoT, cloud computing, DevOps, virtualization, hyperconvergence, AI and machine learning—all of which are vital to security teams in fulfilling their core mission of risk mitigation. Blue Bastion and Ideal Integrations demonstrate how these fields function simultaneously and successfully every day. Should an organization seek additional assistance and leadership, Blue Bastion can provide a Virtual Chief Information Security Officer engagement, to provide industry respected insight, guidance and experience needed to grow and mature securely along the Security Maturity Model. Blue Bastion’s team is looking forward to establishing new relationships and helping organizations from all verticals improve their security posture.