Harbor Labs Logo
Summer Newsletter 2017 - Harbor Labs

Summer Newsletter from Harbor Labs

Greetings from Harbor Labs! Here's a brief update on our company.

Incredible talent pipeline

We continue to press our unfair advantage, capitalizing on the talent pipeline from Johns Hopkins. We've hired the top students from several security and networking courses that I taught. There's nothing like a 4 month job interview to guarantee a successful match! We welcome Katie Chang, David Russell, and Venky Gopal who joined our technical team this year.

Litigation support and expert testimony

Our litigation support consulting has grown considerably, with testimony in three trials since March, and as many depositions. As I write this four members of our team are in 3 different cities performing code reviews, and our code review business now extends to supporting several experts who are independent professors outside of Harbor Labs. Also, we now have three staff members who are serving as testifying experts, with the rest of the team lending support on their cases. Many of our recent cases involved set top boxes, and we have developed significant expertise in analyzing these technologies.

Security Consulting

The biggest growth area at Harbor Labs is our traditional security consulting. Some exciting work:

  • Security Evaluation: We are performing end to end whole system evaluation for several clients, including threat assessment, risk analysis, architecture review, and penetration testing.
  • Code Development: We are developing code for several of our clients, providing the crypto portion of systems they are building either in house or with outside developers who do not possess our level of expertise, using standard Crypto libraries. This is a niche business that suits us well, and which I intend to grow. Current clients include include a large medical device company, a stock trading system, and a healthcare company.
  • Embedded Device Analysis: We are working on reverse engineering various medical devices to test their security. Projects involve black box assessments where we only have the device, gray box analysis where we have some documentation, or white box where we have full documentation and access to the developers.
  • Patent Portfolio Evaluation: We are working with several large companies to help them prioritize, evaluate and understand their patent portfolios. Deliverables include heat maps, evaluation of the market and who is using the technology, and in a couple of cases, infringement analysis.
  • Technology Recommendations: We have a few clients who have hired us to help recommend security technologies locally or in the cloud, including choice of APIs, systems, libraries, and products. We remain completely independent and offer the best suggestions on what the market has to offer.

Training

The staff at Harbor Labs have been busy designing four live security training courses. We have one half-day courses designed for executives. The class tracks the NIST Risk Management Framework for CyberSecurity. We also have a one-day Basic CyberSecurity Awareness course for non-technical people who work in an office. Finally, we are developing two technical, in-class hands on courses with our own virtualized simulation environment: CyberSecurity for Application Developers and Network Forensics Using Wireshark. More information about these courses is at www.harbortraining.com.

It's an exciting year, and we are looking forward to hearing from our clients, friends, and associates to help address your cybersecurity and litigation support needs!

Avi