Latest Blog Post

read more

Upcoming Events

September 16, 2015 - LMG will teach "Digital First Responder Training" at our World Headquarters in Missoula, MT. Sign up now!

September 22, 2015 - LMG will teach "Digital First Responder Training" in Billings, MT. Sign up now!


Congratulations to all the teams that participated in the Network Forensics Puzzle Contest at DEF CON 23! View contest results, hints, and passwords here.

We're pleased to announced that Network Forensics Puzzle DVDs from 2011, 2012, and 2014 are all available on BytePuzzles!

LinkedIn Reddit Delicious Technorati Twitter Digg Stumbleupon

Join our Email Newsletter

Send your cybersecurity questions to for the chance to have them answered in our newsletter!

Class and Book

Want "Network Forensics" (the class) taught privately at your facilities? Request an Onsite

Order Network Forensics: Tracking Hackers Through Cyberspace!

Need Expert Consulting?

Request a Quote

Email Us an RFP

Financial Industry

Make sure your customer information is secure, and your IT systems are protected, through routine security testing and training. LMG specializes in conducting technical penetration tests, vulnerability assessments, web application assessments, and social engineering testing. For each test, we can provide a letter of attestation suitable for presentation to third parties.

At LMG, we believe that compliance and security should be fully aligned. We conduct detailed, organized risk assessments for financial institutions. All of our reports include risk ratings, as well as descriptions of impact and prioritized recommendations.

Let us help you make smart choices.

Service Description Details
Penetration Testing

Find your weak spots before the hackers do, and comply with regulations.

LMG's penetration testing services include:

Web Application Assessment

Make sure your web applications are secure.

Conduct a comprehensive external assessment of your web application, so that you know it's secure. Tests include:

  • Cross-site scripting
  • SQL injections
  • Session hijacking
  • Authentication bypass
  • Buffer overflows
  • and much more...

Unlike other firms, we don't just run automated scans. We always test your web application manually as well, using advanced techniques beyond most attackers' capabilities.

Vulnerability Assessment

Test your network security and identify vulnerabilities-- safely and effectively.

Conduct a comprehensive examination of your systems, and receive a prioritized, detailed list of vulnerabilities and recommendations. Options include:

Social Engineering Testing and Training

Build your defenses against phishing attacks and social engineering scams, and track performance over time.

Safely and effectively train your employees to resist social engineering attacks, while gathering statistics. LMG's realistic phishing tests train your employees to:

  • Always be on the alert
  • Verify senders before trusting an email
  • Refrain from clicking on links in phishing emails
  • Know how to recognize fake domains
  • Check for SSL/TLS encryption in login pages
  • Only enter usernames/passwords into trusted, encrypted sites
  • Properly verify the identity of phone callers
  • Report suspicious emails or phone calls immediately

We carefully track your employees' performance and provide you with detailed reports, including visual graphs and charts, easy-to-read summaries, specific areas for improvement, and comparison with previous test results.

Policy/Procedure Development and Review

Develop policies and procedures to meet compliance needs and security best practices.

Let us develop and revise your policies, to help you:

  • Comply with industry regulations such as GLBA and SOX
  • Set realistic and achievable guidelines
  • Reflect the unique needs of your organization
  • Establish an adaptable and scalable policy framework

Our speciality is creating customized policy frameworks that are realistic and work long-term.

Training and Education

Train your staff, with internationally recognized authors and instructors.

LMG's training options include:

Risk Assessment

Meet FFIEC guidelines for Information Security Risk Assessment.

A comprehensive security risk assessment, based on review of your policies, procedures, and technical testing results. May be bundled with technical testing.

LMG's risk assessment methodology is based on the following guidance issued by the United States federal government:

Receive a prioritized list of risks, descriptions of impact and likelihood, controls in place, and recommendations.