Securosis Project Accelerators (SPA) are packaged consulting offerings to bring our applied research and battle-tested field experiences to your cloud deployments. These in-depth programs combine assessment, tailored workshops, and ongoing support to ensure you can secure your cloud projects better and faster. They are designed to cut months or years off your projects while integrating leading-edge cloud security practices into your existing operations.
Based on a combination of the pragmatic, hands-on research and experience of Securosis, combined with the industry leadership of the Cloud Security Alliance, these field tested techniques and frameworks, already in use by organizations from F500 enterprises to early startups, improve security and save costs without sacrificing agility that makes cloud so compelling for organizations of all sizes. We take the lessons of the leading edge and make them accessible to everyone.
Securosis will be introducing a line of research products and inquiry-based subscription services designed to assist end user organizations in accelerating project and program success. Additional advisory projects are also available, including product selection assistance, technology and architecture strategy, education, security management evaluations, and risk assessment.
Each workshop is custom-built using Securosis research modules tailored to your objectives, constraints, and needs. To be clear, project accelerators aren’t training classes. These are highly-focused consulting engagements that cut the cruft and focus on practical recommendations to accelerate your success. Our methodologies help ensure your cloud deployments are secure, agile, and effective.
Each Securosis Project Accelerator includes four components:
You’ll kick off the project accelerator with a structured call to help us understand your situation and objectives, get a feel for your environment, and figure out the best way to accelerate your project.
An analyst will work with you on-site for a day to build foundational knowledge, evaluate your project, define architectures and controls, provide specific recommendations, and basically do whatever is necessary to make sure your project is set up for success.
After the workshop is completed, the analyst will compile the findings into a document, including findings, recommendations, an action plan and additional background research to ensure you spend time doing things, not figuring out what to do.
To ensure you don’t lose project momentum after the workshop, we schedule accountability calls (typically at 2 and 6 weeks post-workshop) to make sure the project is on track and identify and discuss issues.
Some organizations just need the knowledge to kick start their cloud project, but with customized content, not generic training. Other teams need a specific assessment of a new or existing application with detailed architectural and security controls guidance. Each program is based on proven methodologies and real-world experience, then customized to meet your specific needs.
Workshops are provider-specific and available for Amazon Web Services and Microsoft Azure, with further platforms in development.
This SPA is designed for organizations still building their foundation for cloud security. In our pre-workshop assessment we evaluate your existing security program and experience with cloud computing. During the workshop we bring you the latest best practices for your provider’s security, customized to your organization and existing security tools and processes, and aligned with the latest work of the Cloud Security Alliance. We make specific recommendations to build your cloud security program, and follow up with ongoing support calls.
This SPA provides practical recommendations to rapidly secure a new or existing project. In our pre-workshop assessment we evaluate your existing cloud security, the project requirements, and begin collecting documentation. We use this to perform additional custom research before arriving on-site for a focused day where we dive deep into the project using a structured methodology honed through years of hands-on cloud security and lessons learned through in-depth industry research. We provide detailed architectural and security controls recommendations.
Once you understand the fundamentals, use this SPA to build an ongoing, sustainable, and effective cloud security program. In the pre-workshop assessment we collect detailed information on your existing security program, tools, and technologies. During the workshop we build a cloud security program based on our extensive research and experience, but completely customized to mesh with your existing organization. This goes beyond generic policies into evaluating leveraging existing security tools, identifying gaps, integrating new, cloud-specific security technologies, and tying it all together through sustainable processes and security automation.