NEW FEATURE
Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive applications security.
NEW FEATURE
Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive applications security.

No Silver Bullet for Security and Compliance: How Strata Consulting Help Teams Keep Up With Challenges

The strength of a security and compliance program is rooted in meshing with the uniqueness of the company's culture.

As companies grow, their systems grow with them, making security and compliance challenges that much more complex. It's tempting to look for a formula on how to build a compliance program -- the truth is, there is no silver bullet, and the steps forward are highly individual. 

Which is why Cobalt partner Strata Consulting leverages over a decade of experience to guide teams towards a security strategy that is most effective for them. We sat down with founders Thomas Fou and Hooman Mohajeri to learn more about their company, how they work with customers, and what might lie ahead in the security industry.

 

Hello, Thomas and Hooman! Tell us more about yourself and Strata Consulting.

Thank you, Cobalt.  We appreciate being your partner. We are co-founders of Strata Consulting.  We have always had a passion for technology and security and for helping companies build scalable and secure services. After spending 5 years at a mobile payments startup together, we started Strata Consulting to help other companies do exactly that. 

 

What’s the biggest security problem you’re aiming to solve? And how? 

The biggest security problem we are aiming to solve is to help customers navigate the complex web of security controls, requirements, risks, and threats in a manageable, scalable, and elegant way.

Security and compliance are there to serve the needs of a business. As a business evolves, it has to make choices on how to manage security risks with a limited set of resources and budgets to serve the company’s missions, goals, and objectives. With so many different security standards, requirements, and certifications, it is not always so clear what a company needs to do short term and long term. 

There is no silver bullet to address security and compliance woes. We bring our experience working with over 170 companies for over a decade to build secure and scalable infrastructure tied to a strong security and compliance program. The strength of the security and compliance program is rooted in meshing with the uniqueness of each company's culture. This ensures that the programs are designed in an elastic manner to account for the unexpected without relying on rigid structures that tend to succeed much less often.

 

Tell us about the value you bring to your customers. How do they describe you? 

The value we bring to our customers:

  1. Ability to execute fast, but efficiently 
  2. Quality of our work
  3. Collaborative approach to consulting

Our customers always remember us from our professionalism and going the extra mile to do what it takes to get the job done.  We have a win-win and help-win mentality here at Strata.  I think that aligns well with Cobalt.

 

How do Strata Consulting and Cobalt click together? What do you think the security community will find most valuable about our partnership? 

Strata Consulting and Cobalt are a natural complementary pair. As a consulting company helping others build secure and scalable infrastructure and services, we always recommend that customers conduct proper vulnerability and penetration tests on their network, systems, and applications. Every company needs a clear and accurate view of all its vulnerabilities. If they do not have this and a malicious actor finds out about a vulnerability before they do, that malicious actor can take advantage of the vulnerability and harm the company. That can lead to disastrous results depending on the type of breach and what data and business processes are impacted. 

To do that properly, you need experts who can complete these tests in a comprehensive and reliable way. Cobalt is a partner that we have come to rely upon to do this for many of our customers. The security community will find most valuable that together we can be their trusted partners for pentesting, security, and compliance needs.  

 

What's on the horizon for you — any previews you can give into what lies ahead for Strata Consulting, or where you think the industry as a whole is going? 

What lies ahead are tools, services, and automation to help companies navigate the security and compliance web. You are going to see Strata innovate in leveraging these tools and helping companies use them effectively so they can save time, and money, and most importantly reduce security risks to manageable levels on a continuous basis.

 

We always sneak a fun question at the end: If Strata Consulting had a mascot, what would it be?

Great question. Since this is a fun question, perhaps we can have a fun answer. Our mascot would be Voltron. Yes–as in Voltron from the cartoon. For those of you who do not know who Voltron is–it is a cartoon series where the characters are these five individuals who have discovered these robot lions. They team up to fight the bad guys. Quite often–these characters would overcome bad guys by working together, usually by forming Voltron.  

We have a culture here at Strata where we encourage our consultants to work together as a team–with each other, with our customers, and with our partners. Taking on security and compliance individually can be daunting if not, a difficult task to do well for a long time as the threat landscape changes, and a company’s security and compliance obligations grow. When we transform our thinking and work together, we can all achieve results that are unimaginable when taken on separately as individuals. It is more fun, more rewarding, and more effective when we take on challenges together as a team.

Back to Blog
About Cobalt
Cobalt provides Pentest Services via our industry-leading Pentest as a Service (PtaaS) platform that is modernizing the traditional, static penetration testing model with streamlined processes, developer integrations, and on-demand pentesters. The Cobalt blog is where we highlight industry best practices, showcase some of our top-tier talent, and share information that's of interest to the cybersecurity community. More By Cobalt
2023 Cobalt Partnerships: Expanding to MSP & MSSP Partners
When companies work together to provide better solutions for their clients, everyone wins.
Blog
Jan 12, 2023