Risk management services designed to help financial services companies comply with New York Department of Financial Services (NYDFS) cybersecurity Rule 23 NYCRR 500

We help assess your organization with 23 NYCRR 500

Risk Assessment

A risk assessment will evaluate the effectiveness of your entire security program and test your internal and external defenses using real-world attack scenarios.

NYDFS Penetration Test

Designed to fully meet the requirements of 23 NYCRR 500, our network and web application penetration testing will validate the effectiveness of your security program by testing it against real-world attack scenarios.

Custom Framework Mapping

NightLion has developed proprietary compliance framework mapping tools to help your organization satisfy multiple audits without wasting redundant business resources.

Continuous Monitoring

We work with your technical teams to help develop a plan to meet your continuous monitoring requirements, and help you stay on top of your 30-60-90 day patch cycles.

Have questions? We are ready to schedule your free consultation

Contact us today

In The Media

Bloomberg interview with Founder Vinny Troia

Annual Penetration Testing and Risk Assessment Requirements

At a minimum, each financial services organization must perform annual Penetration Testing of Information Systems determined each given year based on relevant identified risks in accordance with the Risk Assessment.

— According to New York Department of Financial Services

Case Study

Medical & Healthcare Industry

Night Lion provides IT audit and security control validation for Managed IT provider Specializing in Medical and Healthcare Systems