Company Overview of Stroz Friedberg, LLC
Stroz Friedberg, LLC provides cyber-security consultancy worldwide. It offers digital forensics services, such as computer-enabled theft of intellectual property; mass and targeted deletions, and wiping of computerized data; e-forgeries; data breaches; spoliation; database forensics; child pornography in the workplace; money laundering; expert testimony; forensic examinations; and social networking, mobile device, and mobile phone forensics. It provides data breach and cybercrime response services, such as data breaches, post-payment card industry certification assurance, botnets and malicious code, privacy audits, expert testimony, compliance review, healthcare and hotel data breach, online...
32 Avenue of the Americas
New York, NY 10013
Founded in 2000
Key Executives for Stroz Friedberg, LLC
Founder and Executive Chairman
Chief Financial Officer and Executive Managing Director
Managing Director and Deputy General Counsel
Compensation as of Fiscal Year 2015.
Stroz Friedberg, LLC Key Developments
Stroz Friedberg, LLC Presents at Investment Week, Fund Management Summit 2015, Oct-08-2015 02:45 PM
Sep 24 15
Stroz Friedberg, LLC Presents at Investment Week, Fund Management Summit 2015, Oct-08-2015 02:45 PM. Venue: Marriott Grosvenor Square, London W1K 6JP, United Kingdom. Speakers: Phil Huggins, Vice President, Security Science.
Stroz Friedberg LLC Appoints Stephen D. Whetstone as Managing Director and Global Lead of Data Discovery Practice
Dec 10 14
Stroz Friedberg LLC announced that Stephen D. Whetstone has joined as Managing Director and global lead of the firm's Data Discovery practice. He is based in the Boston office. Most recently, he was Vice President and Leader of Document Management Solutions and Legal Solutions at Pitney Bowes.
Stroz Friedberg, LLC Develops Open Source Tool, unTRUST
Aug 11 14
Stroz Friedberg, LLC has developed an open source tool, "unTRUST, " to allow enterprise and personal users to protect their data on iOS devices such as the iPhone and iPad. The whitepaper also lists recommendations to mitigate the security risk. The vulnerability can occur when a user connects his or her device to a computer via USB cable and selects "Trust" when the "Trust This Computer?" dialog box pops up. Users have the ability to elect to trust multiple computers and the potential for exploit increases as the number of trust relationships increase. A pairing record is then created on both the device and the computer in order for them to facilitate a variety of services. An unauthorized person with access to a "trusted" computer or a modified USB charger can exploit these services's USB, remotely or over Wi-Fi and gain access to sensitive personal data. This includes user, application, diagnostic, file and system data. Stroz Friedberg developed its unTRUST tool to remove the pairing records at the heart of the issue. The security hole was first reported during the Hackers on Planet Earth (HOPE) conference in July by digital forensic scientist Jonathan Zdziarski. He revealed several services present on iOS devices that can possibly provide unannounced packet-sniffing and data-dumping capabilities that bypass device settings and back-up encryption. Stroz Friedberg undertook an effort to independently test and validate Zdziarski's research and was able to reproduce many of his findings on iOS devices running iOS versions 7 and 8. Stroz Friedberg's unTRUST tool is publicly accessible through its GitHub repository. The firm also recommends general mitigation strategies, among them: Delete all pairing records that currently exist on the iOS device. Trust only one computer (a computer necessary for syncing and updates) and implement security controls on the iOS device and the "trusted" computer. Do not allow other untrusted connections, including connections to other unnecessary computers, and other Internet-connected devices (e.g. kiosk computers). Because the trusted relationship can be exploited through Wi-Fi, disable Wi-Fi when not needed. For trusted computers, implement the following, where possible: Encrypt data-at-rest. Ensure operating system and application patching is kept up-to-date. For iOS devices, implement the following, where possible: Enable complex passwords; Do not store account credentials in clear text on the device.; and Ensure iOS and apps are kept up-to-date.
Similar Private Companies By Industry
Recent Private Companies Transactions