About Pivot Point Security

Leading Information Security Assessment Firm

Continually evolving technology, business requirements, regulations, and threats make “being secure” and “proving you’re compliant” increasingly complex. The only logical response: Simplify.

Know You’re Secure – Prove You’re Compliant

We make it easier by:

Focusing on the core group of security assessment services you need to do so;
Taking the time to understand your business and then optimizing our approach for your unique situation;
Delivering reports and guidance that are easily understood and acted on by both management and technical personnel; and
Basing your assessment and recommendations on trusted, “open” (non-proprietary, non-vendor specific) guidance to simplify the process of operating and maintaining your Information Security Management System after we leave.

NJ SBE w/ State Contract: 77560

Pivot Point Security has been architected to provide maximum levels of independent and objective information security expertise to our varied client base. Our policy of not selling product and our absolute focus on four core practice areas; Security Assessments, Ethical Hacking, Compliance Assessments, and Security Information Event Management (SIEM) ensures that we have the highest possible levels of competence and independence. Coupling this with our “mutual benefit” centric approach has allowed us to earn the trust of our clients, many of whom we have enjoyed working with since our founding. We count amongst our satisfied client base, small family run organizations and some of the world’s largest multi-nationals. Our clients span a diverse cross-section of market sectors including: Non Profits, Pharmaceuticals, Financials, Telecommunications, and Government.

Pivot Point Security has the right combination of Information Security / Compliance domain expertise, technology industry knowledge & experience, and organizational character to simplify the process of defining and executing on the best course of action so you can know you’re secure and prove you’re compliant. Pivot Point Security is a great choice for your Information Security demand.

John Verry, Security Sherpa

John Verry takes his role as “Security Sherpa” (guide) quite seriously, believing that security is a path not a destination; he is committed to helping entities of all sizes and shapes achieve their security goals. He has led hundreds of high-profile security assessments across diverse noteworthy systems in government, telecommunications, critical infrastructure, finance and transportation for over ten years. A frequent speaker on information assurance, Verry often emphasizes management’s role in controlling information security risk. He writes the Risky Business blog on the PPS website and has authored numerous information assurance white papers and articles.

Simple is important. Our emphasis is on building services that simplify the process of knowing you're secure and proving you're compliant–John Verry

How concerned are you about your Information Security posture? Are you trying to differentiate yourself from your competition?–John Verry

Responsibility isn’t always obvious but ultimately the responsibility lies with the company who outsources the data, as well as the outsourced vendors.–John Verry

ISO 27001 Roadmap

ISO 27001 is manageable and not out of reach for anyone! It’s a process made up of things you already know – and things you may already be doing.

Database Security Roadmap

Database Security is one step in a comprehensive approach to building a robust Information Security Management System.

Penetration Testing

Penetration Tests are often used in a manner that is inconsistent with achieving the assurance that the organization seeks.

SIEM Whitepaper

Best Practices for SIEM learned from working closely with numerous vendors and customers on a wide variety of SIEM projects.