Services that span the cybersecurity lifecyle including: advisory, compliance, technical testing, and engineering services. Learn more about why Coalfire is a leader in cybersecurity.
Coalfire Federal has a proven track record of providing a full spectrum of cybersecurity services for federal government clients.
CoalfireOne delivers the technology and insight to help you simplify compliance and reduce risks. Announcing CoalfireOne, the latest suite of tools by Coalfire, designed to empower your enterprise.
Understand and manage your organization's cyber risk. Let Coalfire give you valuable insight that will help you optimize your risk management activities.
National Information Solutions Cooperative (NISC) is an information technology cooperative that develops and supports software and hardware solutions for utility and telecommunications cooperatives...
For BranchServ, a leading security and automation equipment and service provider to financial institutions nationwide, identifying logical vulnerabilities was critical to optimizing overall...
Payce, a B2B loyalty rewards and engagement company, wanted to ensure they were protecting consumer credit card data in a manner that complied with the Payment Card Industry Data Security Standard ...
By leveraging HITRUST, HealthcareData Company decreased the amount of time spent responding to client security audits, as well as significantly reduced risks – a key differentiator when pursuing...
Now more than ever, organizations need to be more vigilant and concerned with
security. To defend against known and emerging threats, you must have an
effective incident response (IR) plan.
We offer two services - full service vulnerability scans and self-service vulnerability scans. Each of these have been purposely designed to be easy to deploy and proven to add valuable insight...
Coalfire’s specialists provide expert advice that allows your organization to better understand and prepare for the ISO certification process, while allowing you to stay focused on your business.
Coalfire is an approved PCI Forensic Investigator (PFI) company. Certified by the PCI DSS, we can help determine the occurrence of a cardholder data compromise and when and how it may have occurred.
In this webinar, Coalfire’s cybersecurity and IT experts will offer their real-world experience in facing and overcoming today’s challenges with finding qualified leaders to build and own the...
ISO 27701 is the first ISO standard that references an external framework or publication not actually developed by ISO, in this case the GDPR. However, despite the GDPR being in effect for more...
10-Minute online video course
The Department of Defense (DoD) is developing the Cybersecurity Maturity Model Certification (CMMC), a new framework designed to assess and enhance the cybersecurity posture of the Defense...
This white paper provides detailed information on the new HITRUST PRISMA weights and scoring rubrics. The new rubric is effective for assessments submitted on December 31, 2019 and later. The new...
The Securealities report, Cloud Security Intelligence Report, provides a detailed look at how organizations are responding to security threats in the cloud. The report highlights what is and is not...
The Annual Penetration Risk Report provides a detailed look into the datasets tracked and analyzed over the last year of hundreds of engagements and penetration tests by Coalfire Labs, yielding...
Mark Carney discusses the talent gap and Coalfire’s penetration testing report. Watch all Black Hat 2019 interviews at SecurityGuyTV.com.
By leveraging SOC, IronCore Labs decreased the amount of time spent responding to client security audits and significantly reduced risks.
Coalfire started in 2001 with a simple idea – cyber threats are increasing, compliance mandates are getting more complicated, and a well-designed cybersecurity program can help fuel your overall success.
Coalfire helps organizations comply with global financial, government, industry and healthcare mandates while helping build the IT infrastructure and security systems that will protect their business from security breaches and data theft. The company is a leading provider of IT advisory services for security in retail, payments, healthcare, financial services, higher education, hospitality, government and utilities.
The Coalfire Board of Directors provides invaluable guidance for the organization and reflects Coalfire’s dedication to achieving success for our customers.
Coalfire’s executive leadership team comprises some of the most knowledgeable professionals in cybersecurity, representing many decades of experience leading and developing teams to outperform in meeting the security challenges of commercial and government clients. With diverse backgrounds in IT systems security, governmental security, compliance, and reducing risk while implementing the latest enabling technologies (such as the Cloud and IoT), our leaders understand the challenges customers face.
Security is a team game. If your organization values both independence and security, perhaps we should become partners.
With a passion for quality, Coalfire uses a process-driven quality approach to improve the customer experience and deliver unparalleled results.
Created in honor of the late co-founder of Coalfire, the Richard E. Dakin Fund at The Denver Foundation is supporting scholarship programs at several universities for promising college students studying cybersecurity and related fields.
The increased need for cyber security has become a common enterprise priority across the globe. However, industry requirements for effective cyber risk management are as distinct as the individual entities under fire. Enterprises and government organizations need more than an off-the-shelf audit to provide an effective threat assessment. They need industry- and organization-specific insights, tools and processes to protect digital assets and ensure compliance.
Coalfire can help cloud service providers prioritize the cyber risks to the company, and find the right cyber risk management and compliance efforts that keeps customer data secure, and helps differentiate products.
"Success" at a government entity looks different at a commercial organization. Create cybersecurity solutions to support your mission goals with a team that understands your unique requirements.
The financial services industry was built upon security and privacy. As cyber-attacks become more sophisticated, a strong vault and a guard at the door won’t offer any protection against phishing, DDoS attacks and IT infrastructure breaches.
The continuum of care is a concept involving an integrated system of care that guides and tracks patients over time through a comprehensive array of health services spanning all levels of care. Interoperability is the central idea to this care continuum making it possible to have the right information at the right time for the right people to make the right decisions.
Maintaining network and data security in any large organization is a major challenge for information systems departments. However, in the higher education environment, the protection of IT assets and sensitive information must be balanced with the need for ‘openness’ and academic freedom; making this a more difficult and complex task.
When it comes to cyber threats, the hospitality industry is not a friendly place. Hotels and resorts have proven to be a favorite target for cyber criminals who are looking for high transaction volume, large databases and low barriers to entry.
The payments industry is undergoing rapid changes and unfortunately, an increasing risk for data breaches. Cyber criminals are growing increasingly businesslike, and payments leaders need to move quickly to cover their cyber risk.
The food and beverage industry is under attack from cyber criminals intent on stealing payment information. The food and beverage industry makes up the highest percentage of breach investigations, at nearly 73 percent, according to Visa.
The global retail industry has become the top target for cyber terrorists, and the impact of this onslaught has been staggering to merchants. To secure the complex IT infrastructure of a retail environment, merchants must embrace enterprise-wide cyber risk management practices that reduces risk, minimizes costs and provides security to their customers and their bottom line.
Private enterprises serving government and state agencies need to be upheld to the same information management practices and standards as the organizations they serve. Coalfire has over 16 years of experience helping companies navigate increasing complex governance and risk standards for public institutions and their IT vendors.
Technology innovations are enabling new methods for corporations and governments to operate and driving changes in consumer behavior. The companies delivering these technology products are facilitating business transformation that provides new operating models, increased efficiency and engagement with consumers as businesses seek a competitive advantage.
Cybersecurity has entered the list of the top five concerns for U.S. electric utilities, and with good reason. According to the Department of Homeland Security, attacks on the utilities industry are rising "at an alarming rate."
Cyber risk management, advisory, technology and compliance services. Manage risk and maximize return on investment to prevent data breaches and theft. Coalfire’s solutions are led by a team of industry experts that help enterprise organizations understand a wide range of compliance and risk management initiatives, which enables a consistent cybersecurity framework across the organization.
Securing the design, development, and deployment of your applications
Listen to real-life stories of our security team exploiting vulnerabilities
Evaluate risk, identify breakdowns in protections, and implement remediation strategies.
Test the security of your IoT solution, end-to-end
Understand vulnerabilities and implement remediation before they’re exploited
Test your organization’s defense against a simulated real-world attack
Use malware and vulnerability research, open-source tools, and opinions to provide realistic adversary simulations
This powerful cloud-based platform delivers technology and insight to help you simplify compliance, reduce risks, and empower your enterprise’s security.
Quickly configure and manage your needs for internal and external vulnerability scanning and PCI authorized scanning vendor (ASV) requirements.
Developed and used by our own assessors, CoalfireOne℠ provides a single place to access assessments tailored by our practice experts to fit your needs.
Simplify DEA EPCS compliance
Certification and accreditation process for DoD
Get FedRAMP authorized with the leading 3PAO
Reducing financial IT security risk
Meet your FISMA authorization needs
Health data protection for all shapes and sizes
A risk management and third-party assurance solution
An internationally recognized approach to information security
ITAR and EAR advisory and assessment
Protect Controlled Unclassified Information for nonfederal
Payment application security validation
PCI Data Security Standard compliance
Have you suffered a data breach of cardholder data?
Privacy programs to secure consumer data
Establish and report controls to differentiate your organization
Demonstrate your commitment to cybersecurity
Secure your IT perimeter and integrate the latest boundary protection for your business applications and critical data
Preemptively secure your systems while taking the strain off your security teams
Make smart, strategic, and informed decisions about security events
Team with Coalfire cybersecurity experts to help design, implement, and optimize your critical business applications
Assess, plan, strengthen, and maintain your security posture
Expert opinions to showcase regulatory and security use of your products
Prepare for and resolve security incidents quickly and effectively to minimize your business impact
Uncover weaknesses in your cyber program
Measure the cybersecurity maturity of your enterprise
Close the cybersecurity risk and compliance gap
Evaluate risk throughout the merger or acquisition process
A structured approach to enabling cyber resilience
Trusted third-party risk assurance for businesses and service providers
Close the gaps in your cybersecurity leadership
Ensure compliance of your cloud usage by leveraging our expertise across multiple frameworks and our extensive experience with more than 700 cloud service providers
Assess your cloud strategy and the maturity of your cloud security program, and then chart a path to a more secure program that aligns with business objectives
Identify risk and vulnerabilities across all devices, and apply solutions to mitigate security issues across your business’s entire cloud ecosystem
Better understand the unique risks posed by the cloud and how to assess your cloud program to effectively identify cloud-specific risks and threats and close critical security gaps
Build customized, automated processes so you can stand up and manage secure, compliant, audit-ready cloud environments to get to market faster