
Black Hills Information Security: Fueling Security with Innovation and Education


“Our biggest differentiator is the fact that we dedicate a large amount of time contributing to the knowledge growth of the entire global community. We share our security knowledge and expertise through blogs, regular webcasts, open-source projects, development of assessment tools, and our Backdoors & Breaches card game.,” asserts John Strand, owner and security analyst at Black Hills Information Security.
BHIS specializes in pen testing, red teaming, and threat hunting and is predominantly focused on evaluating IT infrastructure security while spreading awareness about the education aspect of it. As one of the leaders in the information security industry, BHIS has rolled out several free tools over the years that help organizations to assess the security vulnerabilities of their IT infrastructure efficiently. For instance, the company introduced an open-source network threat hunting tool—RITA (Real Intelligence Threat Analytics)—designed to identify backdoor traffic leaving and malware beaconing through heuristics analysis.
![]()
We aim to help people learn more about cyber attacks so that there is more awareness towards security
It offers Beaconing Detection, DNS Tunneling Detection, Blacklist Checking, and URL Length Analysis. Moreover, BHIS offers an Active Defense Harbinger Distribution and Reader (ADHD) stack. ADHD is built to assist defenders with befitting products and solutions. It comprises of a bunch of cyber deception and cyber attribution tools—aimed at active defense.
BHIS follows a tailored security assessment according to the client’s goals along with the existing state of systems and then crafts a tailored solution accordingly with any necessary add-ons, rendering superior security practices. BHIS has gained huge traction in the market due to its webcasts, training modules, and free tools such as MailSniper, CredSniper, and CredKing, which allow companies to assess the security vulnerabilities of their IT infrastructure. In the free webcasts, BHIS’s experts talk and answer the queries of people in real-time about specific or generalized topics and techniques within information security that can be implemented and utilized to defend IT infrastructures. “We want to make sure that our customers have the right visibility points into the network, and they get the most out of our quality assessment. We offer them red, blue, or purple team assessment and even collaborative assessment based on their vulnerability management program, user awareness program, and their network standards,” explains Jason Blanchard, Marketing and Outreach, Black Hills Information Security.
As a customer-centric company, BHIS provides on-point solutions to small and large organizations, including government agencies, financial institutions, and health care providers. The company has recently created an incident response card game, called Backdoors & Breaches, which is an effective incident response tabletop exercise for learning about attack tactics and tools. “We are giving these decks out to educators who teach information security to help them in teaching students about attacks. We aim to help people learn more about cyber attacks so that there is more awareness towards security,” concludes Strand.
Company
Black Hills Information Security
Management
John Strand, Owner & Security Analyst
and Jason Blanchard, Marketing & Outreach
Description
Creates specialized and innovative security solutions while adding knowledge and imparting education to the security community. Predominantly focused on evaluating IT infrastructure security by understanding and eradicating vulnerabilities, BHIS specializes in pen testing, red teaming, and threat hunting and offers innovative and cost-effective security solutions. As one of the leaders in the information security industry, BHIS has rolled out several free tools over the years that help organizations to assess the security vulnerabilities of their cloud and on-premise infrastructure efficiently. The company experts share their security knowledge through blogs, regular webcasts, open-source projects, development of assessment tools, and Backdoors & Breaches card game
