The Services

We are BCC Risk Advisory.

A world class technical team
Helping you secure your digital assets


Our focus is always providing the best quality and highest standard of service available, while treating our client relationships more as partnerships than the traditional client/supplier model. We find this achieves more effective results through a mutual understanding of our clients’ security needs.

edgescan

Edgescan

At edgescan, we take care of your digital security risks – helping you concentrate on your actual business.

As an edgescan partner, you will strengthen your firm’s digital security expertise, meet your customers demand and benefit from exclusive special promotions, along with technical support and attractive commission rates.

Read More

resource

Resources

We provide you with free and valuable resources:

Read More

We are BCC Risk Advisory - Providing high quality security consultancy services. We are dedicated to accuracy, quality and believe clear communication is key.

CONSULTANCY

Consultancy.

Many of our services can be coupled together for deeper understanding of risks faced and better assurance. We found that a "one solutions fits all" approach does not work and often proves to be a more expensive option in the long term.

BCC Risk Advisory provide technical security and advisory services designed to assist you in achieving a more robust security posture. We have the experience and knowledge to assist with managing the risk and exposure to your systems, and ultimately your business.

We can assist you with your compliance, regulations and control challenges, such as the Payment Card Industry Data Security Standard (PCI DSS), COBIT, ISO 27001 (formerly 17799), GLBA, and many more.

Custom solutions
We provide custom training and assessment solutions – from phased to hybrid approaches to development assistance and test solutions. We have the experience to assist your needs.

Risk based solutions
Our approach and scoping of any engagement is based on identifying the potential risk and impact of the item in question, mapping the system to business criticality and recommending an appropriate solution.

Strategic solutions
Our solutions can be used to drive down the cost of security. We believe our services can benefit any organisation and identify the root causes of insecurity in order to assist you focus your finite resources.

We understand the complexities and complications of managing and delivering security services in a variety of environments.

TRAINING

Training.

Technical Training
Technical Training is aimed at development and security staff in areas such as:
Secure application development (Java, Web, .Net etc) and Web application pen testing.

Our training combines theory and practical labs in order to both learn by example and also understand the fundamental issues and causes of insecurity. Our training is based on OWASP best practice as our lead technical staff have contributed to OWASP books and guides such as OWASP Testing Guide and the OWASP Code Review Guide.

Our team have delivered such training to many large global organisations and can even customise the training to an individual organisations technology and the particular issues they face.

Executive/Management Training:
Our executive and management training is aimed at individuals such as Risk managers, CISO's & IT Security managers.

Its focus it to gain an understanding of the issues related to Internet Security and associated business risk. It covers off approaches to addressing common issues when managing the security of an organisation from an executive level and arms management with the knowledge to make informed decisions. It also assists executives with understanding what is required to be compliant with industry regulations (PCI-DSS, GLBA, HIPPA) and regional regulations such as data protection.

edgescanTM - Detects security weaknesses in your entire digital-asset-estate: websites, apps (mobile/web/cloud), software, servers and networks.

edgescan

edgescan.

Free 30 Day Trial

BCC Risk Advisory recently developed edgescanTM, a digital security solution to improve your defence against cyber-attacks. edgescanTM detects security weaknesses in your entire digital-asset-estate: websites, apps (mobile/web/cloud), software, servers and networks.

edgescanTM allows for security assessments that are affordable for everyone and provide dramatically better value for money than traditional approaches to digital security. With edgescanTM you can maximise your time and get:

  • Threat verification: Our security assessment results contain virtually no false positives as we remove the vulnerabilities which are not real and verify the real vulnerabilities.
  • Accuracy: All issues reported are manually verified by our security engineers to ensure accuracy and appropriate risks. This eliminates the time you spend figuring out which reported issues are real risks.
  • Real-time metrics are provided on the security of your assets.
  • Historical and trending data: You can track and measure your overall digital security posture to see if it is improving or deteriorating over time.
  • Prioritisation: We ascertain if any of your digital assets are vulnerable to cyber-attacks and rate each risk in order to help you prioritise the security of your systems.
  • Customisable reporting: From within your dashboard you can print off your own reports to go through with your IT security management team and you can select the data you wish to include in the report. This could be an executive summary or detailed technical reports, which include remediation advice based on leading approaches to information security.
  • 24/7 dashboard access: Your security posture and results can be accessed by you 24/7 through our secure web-portal, in as much, or as little detail as you need.
  • Detect weaknesses in your digital security defence: edgescanTM provides you with intelligence on an ongoing basis so that any issues can be fixed before the cyber-criminals have a chance to exploit them.
  • Remediation advice: Our support service and clear, accurate advice can help you or a third party to fix the discovered issues.

Upskilling our clients empowers them with better understandings of risk, technical security & preventative activities.

RESOURCES

Resources.

BCC Risk Advisory support The Open Web Application Security Project foundation (OWASP.org) and assist the foundation with resources and subject matter experts which helps drive the OWASP mission of addressing the causes of application insecurity.

OWASP was founded over a decade ago in response to the need for accurate and high quality security advice and resources delivered via open source licensing.

Check out our free OWASP training slides and papers: [e.g. OWASP Testing Project, OWASP Code Review Guide, OWASP Software Assurance, training slides on owasp.org etc.]

ABOUT US

Founder statement by Eoin Keary.

Eoin Keary BCC Risk Advisory was founded by myself in 2011 out of frustration with the direction the security industry was taking.

Developing secure robust systems can be easier than one thinks assuming one knows what the potential security issues are. It's my view that there was always a disconnect with security folks and the people developing and maintaining systems. In order to help bridge this gap we instil a development culture in all our engineers and consultants; "Don't be afraid to experiment, fail, learn and repeat". Many of our staff have a development background and/or are certified developers of one kind or another. In order to help secure systems we need to embrace the "builder" (developer) mentality, understand pitfalls and also provide pragmatic advice and assistance. We are keen to empower developers and businesses alike with the correct knowledge and understanding of the risks associated with doing business on the Internet. Communication and a common language is of key importance when helping to address system security.

We believe our approach to web and software security is "bleeding edge" and a result of over 15 years of assisting organisations with system security. We assist organisations, both large and small, with managing technical, logical and business risk and believe security is based around understanding the fundamentals of how software and the Internet works.

We understand what real risk "looks like" and strive to help organisations understand what cyber attackers look for when attempting to breach corporate systems.

Our culture is all about being mature about risk and security; Understanding the bridge between technical vulnerability and business risk.

We pride ourselves in relation to upskilling our clients in terms of awareness and technical knowhow. We want our clients to undergo continuous improvement and learn from any mistakes which may (and do) occur when building software systems to enable and improve business process and productivity.

Our Delivery Approach
We understand the complexities and complications of managing and delivering security services in a variety of environments.

We are passionate about securing the Internet and support many non-profit groups to this goal. Our aim is to provide honest, pragmatic and robust solutions to our clients.

Our Team

List of our awesome members.

team

Eoin Keary.

Position: Director/Founder/CTO

Skills: Director/Founder/CTO of BCC Risk Advisory & Chief Security Architect of edgescan

Eoin is the founder and heart of BCC Risk Advisory and the Principal Architect of the edgescan.com vulnerability service. He is a Global Board member of OWASP, a not-for-profit charitable organisation and open community dedicated to web application security.

Eoin has over 14 years of experience in software security and penetration testing. He led a global attack and penetration team for a “Big 4” professional services company for 4.5 years. He also has in-depth experience of application and network penetration testing and has worked in this area with many local and global institutions.

Eoin is a trained ISO27001 Lead Auditor, an experienced instructor and speaker at conferences. He has thought over 1000 developers in secure application development techniques since 2012, including delivering classes in Texas, San Francisco, Amsterdam, London and Dublin.

team

Alan Connolly.

Position: Director and Chief Financial Officer

Skills: Software Development, Public Speaking

Alan is the Co-founder and Chief Financial Officer of BCC Risk Advisory. He is a qualified accountant and Fellow of the Institute of Chartered Certified Accountants. Alan has over 22 years’ experience within the financial sector and has gained a huge wealth of business knowledge and expertise as a partner in Byrne Clarke Connolly Accountants and Registered Auditors.

team

Rahim Jina.

Position: Technical Principal &
Director of Information Security

Skills: Business, Ecomonics, Business Relations, Software Development

Rahim is the Technical Principal and Director of Information Security at BCC Risk Advisory. He has over 10 years of application development/code development experience, and over 8 years of information security and risk management experience.

Rahim worked as a Senior Security Consultant for Ernst & Young’s Risk Advisory Services. There he worked on multiple penetration testing, IT security and IT forensics engagements for a broad range of companies in Ireland, the UK, Europe, Middle East and the US. Rahim also worked as Head of Product & Operational Security for Fonality Inc., and was involved in security architecture, security management, application & network penetration testing, VOIP security and incident response.

Rahim has been involved with the OWASP community since 2007 as an Advisor and Board member of the Irish chapter, a reviewer for the OWASP Code Review Guide, and a contributor to the OWASP SAMM Project (Software Assurance Maturity Model).

team

Owen Mooney.

Position: Lead Developer

Skills: Software Development, Public Speaking

Owen is the Lead Developer at BCC Risk Advisory and the edgescan.com vulnerability service. He has a background in mathematics, physics and real-time interactive development. In 2012, Owen completed an MSc in Computer Science from Trinity College with his thesis being on ‘Sparse Voxel Octrees and Realtime Illumination’. He has over two years of experience in developing and maintaining software with a large user base as well as over three years of teaching experience in web development and game programming.

team

Sandra Clarke.

Position: Director & Chief Operations Officer

team

Owen Pendlebury.

Position: Senior Information Security Consultant

team

Marika Goebel.

Position: Marketing Administrator

team

David Kennefick.

Position: Information Security Consultant

team

Brian O’Brien.

Position: Account Executive

team

Anthony Yalcin.

Position: Information Security Consultant

team

Robert Feeney.

Position: Information Security Consultant

team

Javier Rossetti.

Position: Web Developer

"The penetration testing services provided by BCC Risk Advisory and the quality of their associated reports, provided us with the security assurance that we required and also provided tangible information on the areas where security could be improved.  Prior to using their services we relied upon inconsistent pen testing methodologies, which provided little in the way of supporting information and report interpretation proved difficult.  In addition I will say that their support and service is beyond any expectations. Overall, BCC Risk Advisory have proven to be an excellent security partner."

David Cahill
Security Architect, AIB

Contact Us

LET'S COMMUNICATE AND SAY HELLO.

Sign up to our newsletter

BCC Risk Advisory.

Pamaron House,
Ballybin Rd, Ashbourne,
Co. Meath,
Ireland.

Tel: +353 (0)1 6815330
Email: info@bccriskadvisory.com