Cyber Security

PCI Security 

SOX Security

BASEL II Security 

About us

Why Choose Us

Evans Resource Group is the premier IBM partner for WebSphere Data Security with the only PCI DSS and governance focused testing available.  Our testing has shown approximately 90% of WebSphere installations will not pass a PCI DSS assessment.


Is Your Network Next?

Recent news stories about the rise in hacker attacks on businesses and government institutions have signaled alarms throughout the cyberworld that current security measures do not go far enough in protecting critical business processes that utilize web technology from attacks where security constructs are underwhelming or absent – the business process interconnectivity applications that act as the glue that connects and move data from one web application to another. In fact, the recent news has come as no surprise to Evans Resource Group (ERG) as we have found that over 90% of the testing we have performed on this critical part of any e-commerce organization has failed to achieve basic security levels.

At ERG, we specialize in BPIC (Business Process Interconnectivity Security which is also referred to as SOA or Service-Oriented Architecture), Enterprise Service Bus (ESB) and gateway technology security with a focused expertise in IBM® WebSphere® environments. We have created an end-to-end BPIC security solution, in conjunction with IBM, that will help you identify risk and vulnerabilities across your critical BPIC infrastructures and provide you with clear, insightful, actionable optimizations to safeguard and protect your critical business assets.


Advanced Message Security (AMS)

Is your firm doing business with the states of MA, MN, NV or WA? By law your firm is required to be PCI DSS compliant across the interconnectivity technology stack.  That means testing your WebSphere and securing messages at rest.  IBM and Evans Resource Group (ERG) can prove PCI compliance of your WebSphere MQ and ESB with our bundled offering using IBM’s WebSphere MQ Advanced Message Security and ERG’s MQSentry security testing solution. Leveraging our teams of highly skilled WebSphere MQ security consultants with deep ESB and message-oriented middleware security knowledge, outstanding technical skills, and unparalleled experience with thousands of customer security integrations, our bundled solution for PCI DSS can help you get your PCI Security Assessments right the first time…every time.


IBM Infrastructure Security Services

Evans Resource Group’s WebSphere Interconnectivity Software Oriented Architecture (SOA) Penetration Tests evaluate the security of an organization’s WebSphere MQ and ESB that use WebSphere MQ and ESB for their software oriented architectures against security best practice criteria. By simulating real-world, application–level attacks, the tests provide insight into the ability of an organization’s application to resist attacks from unauthorized users and to help prevent misuse by valid users.

Interconnectivity is the technology utilized to move, transform and deliver the data to their intended destinations within the network, what we refer to as atomic components of the network. Interconnectivity vulnerabilities are critical to remediate due to the nature of what the application does, moving, connecting and transforming data between systems, web designer and business partners. Enterprise interconnectivity is used in every industry across business to business (B2B) and gateways that act as a hub for business applications and databases to communicate both externally and internally, sending strings of transactions, data and other critical business information across and through networks. Cyber risk becomes cyber liability when it is not secured properly by a business partner.

HITECH Act/HIPAA Compliance for WebSphere MQ, ESB and Payment Gateways

Our Support

Confidentiality, integrity, and accessibility for WebSphere MQ is
required for the HITECH Act for companies that utilize WebSphere MQ as
the message-oriented middleware transport for SOA, ESB and payment
gateways. The solution tests and optimizes WMQ for HITECH Act
Compliance using non-perimeter testing and remediation tools and

The Best Service

Our commitment is to always exceed customer expectations by delivering outstanding products and services

Available 24

We help our clients achieve a significant competitive advantage


Find out more











News and Updates

  • Deserving of note is the function of the human component in these strikes. None of the attacks can be successfully carried out without the involvement of the human aspect, either as the producer, the medium or the actual executor of the assault. Any type of......

  • We are living in an extremely volatile world where our information is always on the cusp of being leaked. To some degree, things are out of our hands, but that shouldn’t stop us from taking necessary steps to shield us from unforeseen events. Here in......