Executive Protection
5 automated security scanners
Family Security
Purpose: The Family Security Scanner is designed to identify and assess potential risks associated with family exposure in public documents, evaluate school and activity security measures, and uncover digital footprints that may compromise family safety. This tool assists in assessing the overall security posture of a company concerning its employees’ families.
What It Detects:
- Family Exposure Indicators: Identifies mentions of employee family members in public documents and looks for sensitive information such as home addresses, phone numbers, and personal details.
- School/Activity Security Policies: Checks for the presence of security policies related to school activities and evaluates incident response plans specific to student safety.
- Digital Footprints Analysis: Scans public web pages for digital footprints that could be exploited and identifies publicly available sensitive information about employees and their families.
- Compliance Certifications: Verifies the presence of relevant compliance certifications (e.g., SOC 2, ISO 27001) and ensures adherence to security standards that protect employee data.
- Policy Review Indicators: Reviews company security documentation for comprehensive family protection policies and detailed incident response plans and data protection measures.
Inputs Required:
- domain (string): Primary domain to analyze (e.g., acme.com). This input is crucial for scanning the specified domain to identify relevant information.
- company_name (string): Company name for statement searching (e.g., “Acme Corporation”). The company’s name helps in identifying specific statements and documents related to family security and policy.
Business Impact: This scanner is critical as it directly impacts the privacy, safety, and overall security posture of employees’ families within a company. It ensures that sensitive information is not exposed publicly and that adequate policies are in place to protect such data.
Risk Levels:
- Critical: Findings that could lead to immediate risk of exposure or significant harm (e.g., unencrypted home addresses, phone numbers).
- High: Significant risks where security measures might be inadequate or missing (e.g., lack of incident response plan for family data).
- Medium: Moderate risks requiring attention but not as critical as high risks (e.g., incomplete compliance with certain standards).
- Low: Minor issues that can be addressed in the long term without immediate concern (e.g., minor mentions of personal information in public documents).
- Info: Informative findings providing general insights into the company’s handling of family data and security practices.
Example Findings:
- “Family exposure risk identified in employee resources section.”
- “Personal details of employees’ children found in blog post.”
- “Security policy document available on security page.”
- “ISO 27001 certification mentioned in compliance section.”
Travel Risk Assessment
Purpose: The Travel Risk Assessment Scanner is designed to detect potential risks associated with an executive’s itinerary, including high-risk destinations, unsafe routes, and inadequate security measures in planned accommodations. It also assesses destination threats by analyzing public policy pages for travel advisories and warnings, trust center information, compliance certifications, and reviews company security documentation to ensure all necessary security measures are in place for executive protection.
What It Detects:
- Itinerary Vulnerabilities: High-risk destinations based on geopolitical instability, unsafe routes with known criminal activity or terrorism threats, and inadequate security measures in planned accommodations.
- Destination Threats: Scans public policy pages for travel advisories and warnings, analyzes trust center information for reported incidents, and evaluates compliance certifications to ensure adherence to safety standards.
- Route Vulnerabilities: Potential hazards along the route, weather-related risks, and any known security incidents on the planned route.
- Security Documentation Review: Reviews company security documentation for relevant policies and procedures, ensuring all necessary security measures are in place for executive protection, and identifies gaps or outdated information in existing security protocols.
- Policy Compliance: Verifies compliance with international travel safety standards and regulations, checks adherence to internal security policies related to executive travel, and detects any non-compliance issues that could pose a risk during travel.
Inputs Required:
- domain (string): Primary domain to analyze (e.g., acme.com)
- company_name (string): Company name for statement searching (e.g., “Acme Corporation”)
Business Impact: This scanner is crucial for ensuring the safety of executives during travel by proactively identifying and mitigating potential security risks, which can directly impact a company’s reputation, compliance with regulations, and executive well-being.
Risk Levels:
- Critical: Identifies severe vulnerabilities that could lead to immediate threats such as high-risk destinations or unsafe routes with known criminal activity.
- High: Detects significant risks such as inadequate security measures in planned accommodations or non-compliance with internal security policies.
- Medium: Indicates moderate risks requiring attention, such as potential hazards along the route or outdated information in security protocols.
- Low: Findings that might not pose immediate risk but should be monitored for future changes.
- Info: Provides details on compliance status and general policy adherence, which is important for maintaining a robust security posture without an immediate impact on risk levels.
Example Findings:
- The scanner identifies a destination with ongoing political unrest marked as high-risk, prompting a review of the travel itinerary to consider alternative routes.
- A planned route through a region known for frequent roadblocks raises concerns about potential delays and safety issues, leading to immediate adjustments in the travel plan.
Residential Security
Purpose: The Residential Security Scanner is designed to comprehensively evaluate home security measures, including access control systems and monitoring protocols, ensuring robust protection against unauthorized access and potential threats. It aims to identify gaps in security policies, compliance with industry standards, and overall security posture of residential properties.
What It Detects:
- Security Policy Indicators: Identifies the presence of formal security policies that outline incident response procedures, data protection guidelines, and access control mechanisms.
- Maturity Indicators: Confirms compliance with SOC 2 and ISO 27001 standards, detects penetration testing activities, and identifies vulnerability scanning and assessment practices to ensure a mature cybersecurity posture.
- Access Control Systems: Evaluates physical security measures such as door locks, surveillance cameras, alarm systems, and digital access controls including password policies and multi-factor authentication.
- Monitoring Systems: Analyzes the presence of intrusion detection systems (IDS), intrusion prevention systems (IPS), video surveillance coverage, recording practices, smart home device security configurations, and remote monitoring capabilities.
- Documentation and Compliance: Reviews company security documentation for completeness and accessibility, checks public policy pages for transparency on security measures, validates trust center information for reliability, and ensures compliance with relevant industry standards and certifications.
Inputs Required:
- domain (string): The primary domain of the property or organization to be analyzed, providing a comprehensive view of its security infrastructure.
- company_name (string): The name of the company associated with the domain, used for searching specific security-related statements and policies.
Business Impact: This scanner is crucial as it helps in assessing the effectiveness of home security measures against potential threats, ensuring that organizations are compliant with industry standards, and safeguarding sensitive information from unauthorized access. It directly impacts the integrity and confidentiality of data stored within residential or commercial properties, highlighting areas for improvement to enhance overall security posture.
Risk Levels:
- Critical: Conditions where there is a direct breach risk, significant financial loss, or high impact on business operations due to non-compliance with critical security policies or standards.
- High: Situations where the probability of an incident occurring is high, leading to moderate to severe impacts on security and operational efficiency.
- Medium: Conditions that may lead to some level of compromise but have a lower overall risk compared to higher severities due to mitigating factors such as well-established policies or ongoing monitoring.
- Low: Informal findings indicating minor deviations from best practices, with minimal impact on the organization’s security posture.
- Info: General information about the environment and compliance status that does not directly affect critical operations but contributes to a broader understanding of the system’s security landscape.
If specific risk levels are not detailed in the README, these inferred categories help in categorizing findings based on severity.
Example Findings: The scanner might flag instances where outdated door locks do not meet modern security standards or where password policies lack robust multi-factor authentication features that could be exploited by malicious actors.
Digital Footprint Analysis
Purpose: The Digital Footprint Analysis Scanner is designed to identify and report exposure of personally identifiable information (PII), address/contact disclosures, and family information by analyzing publicly available data sources such as GitHub repositories, LinkedIn profiles, news articles, job boards, and SEC filings.
What It Detects:
- PII Exposure: Identifies patterns indicative of exposed personal information in code repositories and other public documents. Examples include Social Security numbers, credit card details, and driver’s license numbers.
- Address/Contact Disclosure: Searches for publicly available contact information such as email addresses, phone numbers, and physical addresses. Patterns matching standard formats for these data types are highlighted.
- Family Information: Detects mentions of family members or personal relationships in public profiles and documents. Examples include names of spouses, children, or other relatives.
- Breach Mentions: Identifies references to security breaches, unauthorized access, and data compromises. Keywords such as “data breach”, “security incident”, “unauthorized access”, and “compromised” are monitored.
- Tech Stack Disclosure: Detects mentions of specific technologies used by the company, which can provide insights into potential vulnerabilities. Examples include “experience with aws”, “proficiency in terraform”, and “knowledge of splunk”.
Inputs Required:
- domain (string): The primary domain to analyze, such as acme.com.
- company_name (string): The company name for statement searching, e.g., “Acme Corporation”.
Business Impact: This scanner is crucial for organizations aiming to protect sensitive personal information and comply with data protection regulations like GDPR and HIPAA. It helps in identifying potential risks that could lead to identity theft, financial loss, and legal repercussions.
Risk Levels:
- Critical: Conditions that directly lead to severe security breaches or significant exposure of PII are considered critical. This includes explicit mentions of data breaches or unauthorized access within company documents or public disclosures.
- High: High-risk findings involve the exposure of sensitive information in a way that could significantly impact an individual’s privacy, such as widespread disclosure of personal addresses or phone numbers.
- Medium: Medium-severity risks pertain to less critical but still significant exposures, like mentions of specific technologies used by the company which might indicate vulnerabilities.
- Low: Low-severity findings include general mentions that do not directly expose PII but could be indicative of broader data handling issues or compliance gaps.
- Info: Informational findings are those that provide context about technology stack and usage, useful for understanding the technical aspects without immediate security implications.
Example Findings:
- A GitHub repository containing a .env file with plaintext credentials exposing PII (critical).
- An SEC filing mentioning an unauthorized data access incident (high).
- LinkedIn profile disclosing email addresses that could be used for contact (medium).
- A blog post discussing the use of outdated security protocols, indicating potential vulnerabilities in tech stack (low).
This structured approach helps users understand not only what the scanner detects but also how to interpret and prioritize its findings based on their severity.
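The keyword and pattern matching described in this section can be sketched as follows; this is an added example, not the scanner's own code. The regexes, the function names, and the severity given to each category (taken from the Risk Levels list above) are assumptions, and matched contact or PII values are masked so a finding does not re-expose what it reports.

```python
import re

# Severity order, most severe first, as in the page's Risk Levels list.
SEVERITY_ORDER = ["critical", "high", "medium", "low", "info"]

# (category, severity, pattern). Keyword lists are the ones quoted on the page;
# the regexes and the severity given to each category are assumptions.
RULES = [
    ("breach_mention", "critical", re.compile(
        r"\b(?:data breach|security incident|unauthorized access|compromised)\b", re.I)),
    ("pii_ssn", "critical", re.compile(
        r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")),
    ("contact_phone", "high", re.compile(
        r"(?<!\d)\(?\d{3}\)?[ .-]\d{3}[ .-]\d{4}(?!\d)")),
    ("contact_email", "medium", re.compile(
        r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b")),
    ("tech_stack", "medium", re.compile(
        r"\b(?:experience with|proficiency in|knowledge of)\s+[A-Za-z0-9+#.-]+", re.I)),
]

# Constructed sample text; every value in it is fictitious.
SAMPLE = """\
We are hiring: experience with AWS and proficiency in Terraform required.
Contact jane.doe@example.com or call 555-010-0199 for details.
Our 2023 filing disclosed unauthorized access to a staging server.
Test fixture left in repo: ssn=123-45-6789
"""

def mask(value):
    """Keep a finding from re-exposing the data it reports."""
    return value[:2] + "*" * (len(value) - 2)

def scan(source, text):
    """Return findings for one document, most severe first."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for category, severity, pattern in RULES:
            for match in pattern.finditer(line):
                sensitive = category.startswith(("pii_", "contact_"))
                evidence = mask(match.group(0)) if sensitive else match.group(0).lower()
                findings.append({"source": source, "line": lineno, "category": category,
                                 "severity": severity, "evidence": evidence})
    findings.sort(key=lambda f: (SEVERITY_ORDER.index(f["severity"]), f["line"]))
    return findings

def worst(findings):
    """Overall rating: the highest severity present, or 'info' if nothing matched."""
    return findings[0]["severity"] if findings else "info"

if __name__ == "__main__":
    for f in scan("careers-page.txt", SAMPLE):
        print(f'{f["severity"]:8} {f["category"]:14} line {f["line"]}: {f["evidence"]}')
```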
Transportation Security
Purpose: The Transportation Security Scanner is designed to evaluate and enhance the safety and protection measures of vehicles used for executive transportation. It conducts a thorough analysis of vehicle security, route planning, driver background, compliance with security policies, and incident response plans to identify potential vulnerabilities and ensure adherence to high standards of security.
What It Detects:
- Vehicle Security Measures: The scanner identifies the presence of advanced security systems such as GPS tracking and tamper-proof locks, checks vehicle maintenance records for safety compliance, verifies the installation of emergency communication devices, and flags any absence of secure storage solutions for sensitive materials. Additionally, it flags outdated or non-compliant vehicle models that may pose a risk.
- Route Analysis: This includes detailed route planning with proper risk assessment documentation, consideration of alternative routes in emergencies, real-time monitoring capabilities along the route, traffic analysis to anticipate threats, and adequate contingency plans for various scenarios.
- Driver Vetting: The scanner performs thorough background checks on drivers including criminal records and driving history, ensures compliance with drug testing policies, verifies training programs for emergency response and security protocols, and highlights the absence of psychological evaluations for stress management. It also scrutinizes insufficient experience requirements for critical routes.
- Compliance with Security Policies: The tool tests adherence to company security documentation and checks related public policy pages for transportation security measures. It verifies trust center information regarding vehicle safety and detects any lack of compliance with certification standards such as ISO/IEC 27001.
- Incident Response Plans: It evaluates the presence of detailed incident response plans, regular drills and simulations to test response effectiveness, communication protocols during emergencies, post-incident reviews for learning processes, and reporting mechanisms for security breaches.
Inputs Required:
- domain (string): The primary domain of the organization under analysis, which helps in searching for relevant security documents and policies.
- company_name (string): The name of the company to search for specific documentation or policy statements related to transportation security.
Business Impact: This scanner is crucial as it directly impacts the safety and integrity of executive protection services. Ensuring high standards of vehicle security, accurate route planning, vetted drivers, compliance with security policies, and effective incident response plans are essential for maintaining trust and avoiding potential risks in transportation services.
Risk Levels:
- Critical: Failures that could directly lead to significant harm or breaches of sensitive information without mitigation.
- High: Significant vulnerabilities that pose a substantial risk if not addressed promptly.
- Medium: Minor issues that may require attention but do not immediately threaten security.
- Low: Informal observations that are generally non-critical and can be resolved at the discretion of management.
- Info: General information or inconsequential findings that provide limited impact on security posture.
These risk levels are inferred based on the purpose of enhancing transportation security measures.
Example Findings: The scanner might flag a vehicle without GPS tracking, which could lead to unauthorized access and potential risks during transit; a lack of detailed route planning for critical trips, which could expose sensitive information or compromise safety; an unvetted driver with a questionable driving history, which may lead to unpredictable outcomes in emergency situations; non-compliance with ISO/IEC 27001 standards, indicating inadequate data protection measures; and insufficient incident response plans, leading to inefficiencies in handling security breaches.