• Home

  • Custom Ecommerce
  • Application Development
  • Database Consulting
  • Cloud Hosting
  • Systems Integration
  • Legacy Business Systems
  • Security & Compliance
  • GIS

  • Expertise

  • About Us
  • Our Team
  • Clients
  • Careers

  • Blog

  • EpiTrax

  • VisionPort

  • Contact
  • Expertise

    We have the experience and knowledge to choose the right tools.

    ‹ Return to Expertise Index

    Security, Encryption, Vulnerability Mitigation

    Expertise tls.webp
    Expertise gpg.webp
    Expertise pgp.webp
    Expertise openssh.webp
    Expertise lets encrypt.webp
    Expertise comodo.webp
    Expertise hipaa.webp

    It takes intelligence and expertise to stop cyber attacks.

    The challenges to ensuring the security, privacy, and integrity of technology systems have never been greater. A growing reliance on networked computers has given rise to greater vulnerabilities and created formidable new threats.

    End Point Dev protects the privacy & security of your business.

    Information security requires protecting computers, software, and information systems from theft, damage, and disruption—​no matter the cause. Security means protection from natural disasters, as well as bad actors. At End Point Dev, we help organizations harden their infrastructure and software applications against any threat.

    We execute for security.

    We take seriously our responsibility to safeguard the systems and data our clients entrust to us. We continually train our staff on evolving security threats, procedures, and safeguards. From years of experience in security-conscious industries—​ecommerce, healthcare, and finance—​we’re familiar with the special handling required for sensitive information. This familiarity is rooted in our work creating PCI DSS compliant systems for payment processing and HIPAA compliant software for the medical world.

    Everybody likes to say that their system administrators stay informed of emerging security vulnerabilities and apply software patches. Ours really do.

    End Point Dev offers security & risk assessment services to:

    • Audit to identify infrastructure security risks, including software, personnel and operational practices.
    • Plan to protect infrastructure, systems and data.
    • Harden infrastructure and software applications.
    • Deploy real-time monitoring and recovery systems.
    • Respond to threats and plan for ongoing improvement.

    Encryption

    Do your business needs require data encrypted in transit and at rest? Do you need an expert team to look at your ecommerce encryption? We have deep experience in crafting system security and can work with your needs.

    SSL/TLS certificates

    Along with our domain name and DNS services, End Point Dev offers SSL/TLS certificate services for our clients including:

    • Choosing an SSL certificate authority and provider
    • Integration with ACME-automated, free certificate authorities like Let’s Encrypt
    • SSL certificate purchases and configuration with CDNs
    • SSL certificate renewals
    • SSL certificate expiration and HTTPS configuration monitoring

    SSH (Secure Shell protocol)

    End Point Dev uses SSH to access most of our client projects. We primarily use public key authentication with 4096-bit RSA and ed25519 keys, avoiding ECDSA and DSA keys. We also use SFTP for secure file transfer systems, which runs over SSH.

    PGP (Pretty Good Privacy)

    The PGP standard and GnuPG (GPG) open-source implementation allow for secure sharing and storage of confidential data. We offer help implementing PGP for your workflow and use it ourselves for compartmentalizing sensitive private data.

    Vulnerability remediation

    End Point Dev is experienced with the entire security vulnerability process, from helping you pick the right tools and software for scanning, patching holes, and making long term plans to update your infrastructure. Whether on Windows or Linux, one machine or your entire infrastructure, we have you covered with security scans and updates.

    Specialized expertise and tools:

    • Cryptography (symmetric and asymmetric public-key)
    • LUKS, dm-crypt, FileVault, BitLocker, eCryptFS, cryptoloop
    • OpenSSH
    • OpenSSL
    • PGP/GnuPG
    • SSL/TLS for HTTPS and other protocols
    Send us a message!

    Related blog posts

    Vulnerability Scanning

    Jeremy Freeman · September 15, 2022

    Implementing Authentication in ASP.NET Core Web APIs

    Kevin Campusano · June 17, 2022

    Using pgTAP to automate database testing

    Josh Tolley · March 16, 2022

    Using a YubiKey as authentication for an encrypted disk

    Zed Jensen · March 7, 2022

    Fixing a PostgreSQL cluster that has no superuser

    Jon Jensen · January 7, 2022

    Remote Access Control with AWS Security Groups

    Ardyn Majere · December 23, 2021

    Tls
    Gpg
    Pgp
    Openssh
    Lets encrypt
    Comodo
    Hipaa