Change Agents in the Cyber World!

Evans Resource Group (ERG) is a global leader in SOA and BPIC security. Our patent-pending testing, mapping and monitoring software offerings combine with our expert assessment and remediation consulting services to provide a comprehensive and holistic approach to an area of the network that is overwhelmingly lacking in security; the business process interconnectivity space. We specialize in BPIC and SOA applications and providing solutions for data security and IT governance in the government and commercial sectors.

The BPIC layer acts as glue that binds different databases and programs on different computers, enabling multiple applications to work together in harmony. Trillions of dollars of transaction value flow weekly through this layer of the network. If the layer experiences any performance problems or hacks, it can wreak havoc across an organization’s entire network – resulting in compromised data security, interrupted workflows, expensive downtime, and possible legal action.

The BPIC layer is now the prime target for hackers with public access to several toolkits now in existence based on scripting products such as Python. Additionally, it has become evident that current security assessments and related protocol are not addressing a known pervasive vulnerability associated with the installation and maintenance of BPIC, including IBM’s WebSphere Application Server (WAS) and WebSphere MQ (WMQ), which can lead to unauthorized administrative access, a critical infrastructure vulnerability that allows hackers to own the system. In fact, 90% of penetration testing done by Evans Resource Group, at a variety of clients, has shown that those client networks failed to meet the requirements for basic data security including confidentiality, integrity and accessibility. When one considers that IBM’s WebSphere products are used in nearly three quarters of the entire Fortune 100, the need for more sophisticated and robust security auditing and remediation of the BPIC layer becomes readily apparent.

As a trusted IBM business partner and IBM® WebSphere Security Specialists, we provide all levels of critical BPIC infrastructure security consulting for PCI DSS, HIPAA, SOX, Basel II, FISMA, Directive 95/46/EC, and GLBA compliance.

ERG offers a modular and sequential set of software and consulting offerings, including our flagship penetration testing tool, MQSentry, that span the full information technology lifecycle for SOAs and BPIC. Our team of experienced security professionals will help you identify risk and vulnerabilities across your critical BPIC infrastructures and provide you with clear, insightful, actionable information to safeguard and protect your critical business assets.

Evans Resource Group is the vision of a seasoned entrepreneur, M. Ariel Evans, whose prior BPIC products are now part of the BMC product line and whose security experience with the SOA and BPIC markets is unparalleled. Founded to fill the void in current WebSphere security testing procedures, Evans Resource Group is conveniently located in New York City, the financial technology capital of the world

Why ERG?

ERG has been in the BPIC technology space for over 15 years, and is a proven leader in developing solutions for complex BPIC applications (our previous products are now part of the BMC product line). We are a member organization of the PCI Security Council, and continuously work with government policy makers to increase awareness of BPIC security and testing. Our work and partnership with IBM improving web application security is unparalleled in the marketplace and we have invested over three years in security research and development of our solution.

At Evans Resource Group, our proprietary vulnerability assessment solutions are specifically designed to address and remediate web application interconnectivity security issues and provide a fully hardened SOA environment that puts your critical infrastructure in compliance with today’s demanding regulatory requirements.