Cybersecurity in the Modern World
Cybersecurity maturity – where are you at?
The threat of the unknown is real? You may think you have a well managed network until you discover, from a breach, that you’ve been ‘pwn’d’ for months. The ‘dwell’ time is upwards of a year for a reason, lack…
Right Person – Right Role
I pulled the wrench to the left and it slipped off the head and I…
Alert Angina
Have we moved from “drowning in data” to “Alert Angina”? I fear (pun intended) we…
threats & Remediation
Breakout Time - Blazingly Fast!
-Crowdstrike 2025 Global Threat Report
Remediate with an IR container and readiness assessments to proactively mature security. Ensure network detect and respond (NDR) capabilities and appropriate triggers and alerts to enable proactive and reactive capabilities and visibility, where it matters most. Use Cyber Threat Intelligence to drive counter-TTPs into operations for optimal hardening.
Vulnerabilies are the main vector
-Crowdstrike 2025 Global Threat Report
Remediate with a strong threat and vulnerability management program, regular penetration testing, and purple teaming. Combine with a threat based counter-intelligence to mature against your personal threatscape and risk.
Mobile Matters
-ThreatDown Malwarebytes 2025 State of Malware
Remediate with strong planning and security controls for mobile devices, user-awareness training, and threat and vulnerability management for all mobile implementations, coupled with layered technical controls.
Ransomware is Raging
-Dragos 8th Annual Year in Review OT/ICS CyberSecurity Report 2025
Remediate with tabletop exercises and training, one of the top tactics to reduce risk. Mature overall cyber hygiene, especially the most common vectors of attack for ransomware families, through a readiness framework driven SecOps program.
Living off the land (loL)
-Dragos 8th Annual Year in Review OT/ICS CyberSecurity Report 2025
Artificial Intelligence (AI)
-LayerX Enterprise GenAI Security Report 2025
Remediate with policies and procedures to directly address and enforce how AI is to be handled and managed for your organization, starting with appropriate use, identity access management and allowed access, and what data is allowed to be copy, pasted, and/or exposed to AI tools.
Trusted by Industry Leaders for Decades
Our Story A Legacy of Excellence
history of 4D5A Security
Ken Dunham, CEO, started 4D5A Security in 1992 under the name A-Z Computer Consultation. His original work involved consultation and programming all around the world, focused upon excellence and transformative outcomes for clients. While challenges and threats have changed over the years, outcomes have not. Join us on Team Awesome!
Contact Us
Frequently Asked Questions
How does IR work?
4D5a Security supports all the stages of Incident Response, with you, leading or augmenting as it makes the best sense to so to rapidly reduce risk and cost for you while in the middle of a crisis. We save you literally millions of dollars in our collaborate approach with Ninjas at Night.
What's the cost of IR?
4D5A Security offers proactive and reactive pricing to help you best manage and reduce risk. We also offer bulk hour discounts and pre-paid discount along with special offers. Inquire for current pricing and packages that best meet your needs!
Do you offer deals?
We regularly offer new client and new services deals, renewal offers and more. Reach out to us to see what is available to you today!
What is Vciso?
A Virtual Chief Information Officer, aka vCISO, is a leader that is hard to find! We offer interim staff to meet your needs while you seek to backfill a position, which can take a year or longer in this industry. We also offer part time staffing to augment your needs or to provide augmentation for scale and assurances where you have an existing CISO. Let us round out your CISO needs with our pool of global experts.
How does table top training work?
Tabletop exercises run by 4D5A Security demand outcomes that move the needle to reduce risk! Tired of ‘Ho Hum’ compliance driven exercises that are a waste of time? We partner with executives to identify perceived gaps, target areas of operations and risk, and involve every single stakeholder in simulations and injects for maximum output. We also use our own interactive assessments and metrics throughout, coupled with extensive monitoring and note taking, to capture gaps and recommendations to build out a prioritized risk roadmap following a tabletop exercise.
We also offer customized training. For example one client wanted to build out operations to augment MSSP services where they could start to handle their own malware samples and analyze some components of it for assurances and intel and also make sure the MSSP was doing a good job. We partnered to build out a safe and effective set of operations and then hosted a training workshop to prove it out in operations to onboard it for a successful launch into production.
What is your experience?
We are called Ninjas at Night for a reason, with some of the most experienced and recognized global experts on the planet at your fingertips. Our leader, Ken Dunham, is a recognized global leader, top 1%, with two number one startups in the space, is a Distinguished Fellow, has a best selling book, international article of the year on espionage, and was the top quoted security professional in the world. Our expert leaders all have a minimum of ten years niche experience in areas that are impressive, like setting up global SOC operations, breaking cryptography, native Russian language skills coupled with amazing malware attribution experience, and more. Join us for a team of excellence with success as your outcome.