Our red team researchers analyze your technologies, people, and processes to identify the security weaknesses in your organization...before the bad guys do.

 

Our team has a 100% success rate.

How we do it

 

Burtelson brings nearly 30 years of experience to the table. We employ the best solutions to security challenges. What sets us apart is not only our business, but our people. We have a startup culture, and we have some of the best and most talented hackers and engineers working in a creative environment that allows thoughts and ideas to grow. We work one-on-one with our clients, and we make them feel at ease and secure. We explain security and technology issues in a way that is informative for our clients, and we walk them through a process that can often seem intimidating.

 

We know that educating our clients is the best way to provide the best services. Our job doesn't end with assessing our client's security vulnerabilities. We work with healthcare organizations to teach executives and clinical staff about the dangers of social engineering attacks, as well as technical attacks, and how they can be prevented. We also teach our clients about new security technologies and how they and their organization can benefit.

 

We organize an annual conference, Project White Hat Conference, where we invite our clients, healthcare executives and IT/InfoSec staff

to San Francisco to attend workshops, learn about the latest security technology and how to defend against the latest cyber-physical threats...and even learn how to do some hacking of their own.  The inaugural conference, PWH20, will be held in October 2020.

 

We are hackers. Don't worry, we're "White Hats."

 

We are a company of hackers. You may also call us security researchers. In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network. The fact that we are white hat hackers means that we do this for the sole purpose of helping our clients find holes in their security, and we work to fix those holes. This is also called ethical hacking. We are proud to have some of the best hackers out there, and everything we do is to make sure that our clients have the best protection from the bad guys. We have regular "hackathons" where our teams will spend an entire evening working on new exploits. This serves several important purposes: it builds teamwork amongst our people, it allows our teams to locate new security vulnerabilities in current software, and it challenges our teams to create offensive security exploits against physical security attacks. Plus, it's just fun.

Criminal hackers are (usually) smart. They have some great tools and they know how to penetrate a system. Fortunately for our clients, we know how to beat them at their own game. We not only know the most common exploits, but we get ahead of them by anticipating their moves. We do this by using cutting-edge analyses of cyber attack patterns, and we use this information to anticipate a new type of attack before the bad guys can make their move.

Criminal hackers come in all shapes and sizes. They are sometimes in plain sight, like at a local coffee shop, or hidden in caves (it's true). But they all have one thing in common: they are coming after you and they want to cause as much damage as possible. This can be anything from an annoying inconvenience, to the disruption of your entire data system and the theft of your organization's confidential records, such as patient PHI and employee data, and other valuable propriety information.

Healthcare organizations are a major target. Yes, even your

independent medical and dental practice. Here's the facts:

 

Healthcare data is unique, which makes the privacy and security of it so critical. Credit cards can be canceled when they are lost or stolen, but medical records can be compromised for years.

 

According to Verizon Data Breach Reports, electronic health records sell for $50 per chart on the black market, compared to $1 for a stolen social security number or credit card number. A significant number of data breaches in healthcare organizations involved the compromise of legitimate credentials using social engineering and spear phishing attacks.

 

Criminal attacks, the number one root cause of healthcare data breaches, are rapidly rising. The reason for this is medical records contain most of the data criminal hackers want, making them ideal for one-stop stealing. Weak cyber security makes electronic protected health information (ePHI) extremely vulnerable, and your patients could be affected for a long time. We know how to stop these thefts because our team knows how criminal hackers think, know the exploits they use, and know their patterns of attack. It's the Burtelson way.

 

It all starts with the best research.

 

Cutting edge cyber security research is essential to combating security breaches. That's why we participate in research that helps us better understand how security breaches happen, and the technology behind them. Working with industry, academic institutions and government agencies, we participate in research areas that include biometric security vulnerabilities, medical device vulnerabilities, methods of remote hacking of SIM cards, exploiting outdated encryption on mobile devices, as well as the latest EHR exploits and hacker patterns and signatures.

 

Our research team freely pursues the science and engineering behind security problems, and learns new and innovative ways of fending off cyber attacks; nearly half of our operating expenses are in security R&D. We are currently planning the development of on-site lab and training facilities where are team routinely researches and trains in the latest cyber-physical security exploits in real-world scenarios.

The documents below can provide enhanced information on how we can help assess your information security and compliance needs.

Healthcare Information Security Management Solution (PDF, 289KB)

We provide a cost-effective security testing and management solution

designed to secure protected health information and client assets.

Healthcare Information Security Threat Intelligence White Paper (PDF, 378KB)

This paper summarizes the complete aspect of Burtelson’s cyber

intelligence strategy points.

Healthcare Information Security Compliance White Paper (PDF, 325KB)

This paper summarizes the complete aspect of Burtelson’s compliance

and policies and procedures deployment strategy.

Client Case Study (PDF, 360KB)

Even after a long series of penetration testing, this company still had

significant vulnerabilities and was targeted. Find our how we were able

to help them.

Client Case Study (PDF, 384KB)

After multiple increases to their physical security, this company continued

to have significant vulnerabilities. Find out how were were able to help them.

© 2018 Burtelson Security Labs, Inc.

Burtelson Security | (949) 655-4225