{"organization":{"name":"Harborcoat","legalName":"Harborcoat Technologies","tagline":"Protection Against Less Tangible Things","subtitle":"Strategic Security and IT Advisors","website":"https://harborcoattech.com","phone":"(385) 999-2358","email":"info@harborcoattech.com","address":{"street":"1850 W Ashton Blvd. Suite 500","city":"Lehi","state":"UT","zip":"84043"},"social":{"twitter":"https://x.com/harborcoattech","instagram":"https://www.instagram.com/harborcoat","linkedin":"https://www.linkedin.com/company/harborcoat-technologies/"}},"summary":"Harborcoat is a Utah-based cybersecurity and IT advisory firm helping organizations evaluate, procure, implement, and support security, cloud, data, and operations technology.","services":[{"id":"endpoint-protection","name":"Endpoint Protection","description":"Modern endpoint protection goes beyond traditional antivirus. We deploy next-generation endpoint detection and response (EDR) and extended detection and response (XDR) platforms that use AI and behavioral analysis to identify and stop threats in real time.","capabilities":["Next-gen antivirus and anti-malware","Endpoint detection and response (EDR)","Extended detection and response (XDR)","Managed threat hunting","Incident response and forensics"],"partnerIds":["crowdstrike"]},{"id":"cloud-solutions","name":"Cloud Solutions","description":"As organizations migrate to the cloud, new attack surfaces emerge. We provide cloud security posture management (CSPM), workload protection, and compliance monitoring to ensure your cloud infrastructure is configured correctly and continuously protected.","capabilities":["Cloud security posture management (CSPM)","Cloud workload protection","Multi-cloud visibility (AWS, Azure, GCP)","Infrastructure as code scanning","Cloud compliance and governance"],"partnerIds":["wiz"]},{"id":"employee-awareness","name":"Employee Awareness Training","description":"Human error remains the leading cause of security breaches. Our awareness training programs combine interactive learning modules with realistic phishing simulations to build a security-conscious culture throughout your organization.","capabilities":["Phishing simulation campaigns","Interactive security awareness modules","Compliance training (HIPAA, PCI, SOC 2)","Executive and board-level briefings","Security culture assessments"],"partnerIds":["beauceron"]},{"id":"iam","name":"Identity & Access Management","description":"Identity is the new perimeter. We architect and implement zero-trust frameworks that ensure the right people have the right access to the right resources, and nothing more. From single sign-on to privileged access management, we cover the full identity lifecycle.","capabilities":["Zero-trust architecture design","Single sign-on (SSO) implementation","Multi-factor authentication (MFA)","Privileged access management (PAM)","Identity governance and administration"],"partnerIds":["okta","semperis","hashicorp"]},{"id":"sase","name":"Secure Access Service Edge","description":"SASE converges networking and security into a unified, cloud-delivered service. We help organizations transition from legacy VPNs and firewalls to a modern architecture that secures users, devices, and applications regardless of location.","capabilities":["Software-defined WAN (SD-WAN)","Cloud-delivered security (SWG, CASB, ZTNA)","Remote workforce security","Network segmentation","Performance optimization"],"partnerIds":["fortinet","netskope","akamai"]},{"id":"email-defense","name":"Email Defense","description":"Email is the number one attack vector for cybercriminals. We implement multi-layered email security that combines AI-powered threat detection, domain authentication, and user reporting to stop phishing, BEC, and malware delivery before damage is done.","capabilities":["Advanced phishing protection","Business email compromise (BEC) defense","Email encryption and DLP","Domain authentication (SPF, DKIM, DMARC)","Automated incident response"],"partnerIds":["proofpoint","abnormal"]},{"id":"siem-analytics","name":"SIEM, Observability & Analytics","description":"Visibility is the foundation of effective operations and security. We architect SIEM platforms, observability stacks, and data lakes that centralize telemetry, correlate events across your environment, and surface actionable intelligence — so your teams can detect threats faster and run the business with confidence.","capabilities":["SIEM deployment and optimization","Cloud and infrastructure observability","Security and operational data lake architecture","Log aggregation, correlation, and alerting","Threat intelligence and anomaly detection"],"partnerIds":["splunk","ibm","datadog","snowflake"]},{"id":"secure-browser","name":"Secure Enterprise Browser","description":"The browser has become the primary workspace for modern organizations. We deploy enterprise browsers that give IT and security teams full visibility and control over web-based activity, protecting sensitive data without disrupting the end-user experience.","capabilities":["Managed enterprise browser deployment","Data loss prevention for web applications","Secure access to SaaS and internal apps","Granular policy enforcement","Last-mile visibility and audit logging"],"partnerIds":["island"]},{"id":"data-protection","name":"Data Protection & Cyber Resilience","description":"When an incident occurs, the ability to recover quickly defines the outcome. We implement enterprise data protection and cyber resilience solutions that safeguard critical data across hybrid environments, enabling rapid recovery from ransomware, outages, and data loss events.","capabilities":["Enterprise backup and recovery","Ransomware detection and isolation","Cyber vault and air-gapped recovery","Multi-cloud data management","Recovery point and recovery time optimization"],"partnerIds":["cohesity"]},{"id":"application-api-security","name":"Application & API Security","description":"Modern applications are exposed through hundreds of APIs and edge endpoints. We secure that surface end-to-end with API gateways, runtime protection, and edge defenses so you can ship faster without expanding your attack surface.","capabilities":["API gateway and lifecycle management","Runtime API threat protection","Bot mitigation and DDoS defense","Web application firewall (WAF)","Edge security and Zero Trust access"],"partnerIds":["kong","akamai"]},{"id":"operations-integration","name":"Operations & Integration","description":"Security outcomes depend on how quickly teams can detect, route, and respond. We connect security tooling to the systems your operators already use — incident response platforms and integration fabrics — so signal turns into action.","capabilities":["On-call orchestration and incident response","Automated remediation and runbooks","Secure application and data integration (iPaaS)","Cross-platform workflow automation","Compliance-aligned data movement (SOC 2, HIPAA, GDPR)"],"partnerIds":["pagerduty","jitterbit"]}],"partners":[{"id":"crowdstrike","name":"CrowdStrike","category":"Endpoint Protection","description":"Industry-leading endpoint detection and response (EDR/XDR) with managed threat hunting and incident response.","website":"https://www.crowdstrike.com","featured":true},{"id":"wiz","name":"Wiz","category":"Cloud Security","description":"Cloud security posture management with deep visibility into cloud workloads and identities across AWS, Azure, and GCP.","website":"https://wiz.io","featured":true},{"id":"fortinet","name":"Fortinet","category":"Network & SASE","description":"Comprehensive network security with next-gen firewalls, SD-WAN, and SASE solutions for organizations of all sizes.","website":"https://fortinet.com","featured":true},{"id":"okta","name":"Okta","category":"Identity & Access","description":"Enterprise identity and access management with single sign-on, multi-factor authentication, and zero-trust architecture.","website":"https://okta.com","featured":false},{"id":"splunk","name":"Splunk","category":"SIEM & Threat Detection","description":"Security information and event management (SIEM) with advanced analytics, threat detection, and incident response.","website":"https://splunk.com","featured":false},{"id":"snowflake","name":"Snowflake","category":"Data & Analytics","description":"AI Data Cloud unifying analytics, applications, and collaboration across structured and unstructured data — including security data lakes for high-scale log analytics.","website":"https://snowflake.com","featured":false},{"id":"netskope","name":"Netskope","category":"Network & SASE","description":"Cloud-native SASE platform providing secure access, data protection, and threat prevention for cloud-first organizations.","website":"https://netskope.com","featured":false},{"id":"beauceron","name":"Beauceron","category":"Security Awareness","description":"Security awareness and human risk management platform with phishing simulations and compliance training.","website":"https://beauceronsecurity.com","featured":false},{"id":"proofpoint","name":"Proofpoint","category":"Email Security","description":"Advanced email security and threat protection defending against phishing, BEC, and targeted attacks.","website":"https://proofpoint.com","featured":false},{"id":"abnormal","name":"Abnormal Security","category":"Email Security","description":"AI-native email security platform that detects and prevents advanced email attacks including BEC, account takeovers, and supply chain fraud.","website":"https://abnormalsecurity.com","featured":false},{"id":"island","name":"Island","category":"Secure Browser","description":"Enterprise browser providing secure access, data protection, and visibility for all web-based work.","website":"https://island.io","featured":false},{"id":"cohesity","name":"Cohesity","category":"Data Protection","description":"Enterprise data security and management platform delivering backup, recovery, and cyber resilience across hybrid and multi-cloud environments.","website":"https://cohesity.com","featured":false},{"id":"semperis","name":"Semperis","category":"Identity & Access","description":"Active Directory security and recovery with identity threat detection, automated forest recovery, and hybrid AD protection.","website":"https://semperis.com","featured":false},{"id":"akamai","name":"Akamai","category":"Network & SASE","description":"Edge security platform delivering Zero Trust access, WAF, DDoS mitigation, and microsegmentation across distributed environments.","website":"https://akamai.com","featured":false},{"id":"datadog","name":"Datadog","category":"Data & Analytics","description":"Unified observability platform spanning infrastructure, applications, logs, and Cloud SIEM — turning operational telemetry into business and security insight.","website":"https://datadoghq.com","featured":false},{"id":"ibm","name":"IBM","category":"SIEM & Threat Detection","description":"Enterprise security portfolio anchored by QRadar SIEM, Guardium data protection, and global threat intelligence.","website":"https://ibm.com/security","featured":false},{"id":"hashicorp","name":"HashiCorp","category":"Cloud Infrastructure","description":"Cloud infrastructure automation across Terraform, Vault, Boundary, and Consul — provisioning, secrets management, and secure service networking for hybrid cloud.","website":"https://hashicorp.com","featured":false},{"id":"kong","name":"Kong","category":"Application & API Security","description":"API gateway and service connectivity platform with built-in authentication, rate limiting, and runtime API security.","website":"https://konghq.com","featured":false},{"id":"pagerduty","name":"PagerDuty","category":"Operations & Integration","description":"Digital operations and incident response platform enabling on-call orchestration, automated remediation, and security incident workflows.","website":"https://pagerduty.com","featured":false},{"id":"jitterbit","name":"Jitterbit","category":"Operations & Integration","description":"Secure iPaaS for connecting applications and data with encryption in transit and at rest, RBAC, and SOC 2 / HIPAA / GDPR compliance.","website":"https://jitterbit.com","featured":false}],"partnerGroups":[{"name":"Security","categories":["Endpoint Protection","Cloud Security","Network & SASE","Identity & Access","Email Security","Application & API Security","SIEM & Threat Detection","Security Awareness","Secure Browser","Data Protection"]},{"name":"Cloud & Data","categories":["Cloud Infrastructure","Data & Analytics"]},{"name":"Operations","categories":["Operations & Integration"]}],"procurementPathways":[{"id":"direct-engagement","name":"Direct Harborcoat engagement","summary":"Work directly with Harborcoat for cybersecurity and IT advisory, solution design, implementation, and ongoing support.","details":["Best for organizations that want guided vendor evaluation, architecture, implementation, and support.","Start through the Harborcoat contact page or consultation scheduler."],"url":"https://harborcoattech.com/contact"},{"id":"aws-marketplace","name":"AWS Marketplace","summary":"Procure eligible cybersecurity, cloud, and data solutions through Harborcoat on AWS Marketplace.","details":["Use AWS credits or Enterprise Discount Program commitments where eligible.","Consolidate approved software and services on an existing AWS bill.","Request custom-priced private offers tailored to the organization.","Most listings are self-serve; some partners are typically procured by private offer."],"url":"https://aws.amazon.com/marketplace/seller-profile?id=10d0beda-388b-4f33-8659-6439b336e3b1"}],"positioning":{"utahCybersecurity":{"title":"Utah Cybersecurity Partner","url":"https://harborcoattech.com/utah-cybersecurity","summary":"Harborcoat helps Utah schools, local governments, public-sector teams, and enterprise organizations translate cybersecurity requirements into practical controls, procurement paths, and operating routines.","audiences":["Utah K-12 school districts and charter schools","Local governments, counties, municipalities, and special districts","Utah enterprise IT and security teams","Technology teams that need a local partner to coordinate security vendors and implementation work"],"reasonsToTrust":["Located in Lehi, Utah, with a focus on local organizations and public-sector operating realities.","Partner ecosystem spanning endpoint, identity, SASE, email security, SIEM, data protection, cloud infrastructure, and incident operations.","Procurement support through direct engagement and eligible AWS Marketplace private offers.","Practical advisory model that connects policy, vendor selection, deployment, and ongoing operations."]},"hb44SchoolCybersecurity":{"title":"Utah HB 44 School Cybersecurity Guide","url":"https://harborcoattech.com/resources/utah-hb-44-school-cybersecurity","summary":"HB 44 creates a new LEA cybersecurity standards framework in Utah law, requiring local education agencies to comply with minimum cybersecurity standards on a phased timeline and coordinate with state cybersecurity entities.","disclaimer":"This page is implementation guidance for planning conversations, not legal advice. LEAs should follow final state rules, Utah State Board of Education guidance, UETN resources, and counsel as requirements mature.","keyRequirements":[{"title":"Minimum cybersecurity standards for LEAs","description":"HB 44 requires local education agencies to comply with minimum cybersecurity standards established by the Cybersecurity Commission through rulemaking."},{"title":"Phased implementation timeline","description":"The law ties compliance to a phased implementation timeline established in rule, which makes sequencing and documentation important for school districts with limited staff."},{"title":"UETN, Utah Cyber Center, and state board coordination","description":"UETN, in consultation with the Utah Cyber Center and the state board, is tasked with implementation guidelines, technical resources, support, and coordination of cybersecurity services for LEAs."},{"title":"Data breach reporting and response coordination","description":"HB 44 requires LEAs to report data breaches to the Utah Cyber Center and notify the state board within 24 hours of discovery, while coordinating with UETN when network infrastructure or services are involved."},{"title":"Cybersecurity point of contact","description":"LEAs must designate a primary cybersecurity contact to interface with the Utah Cyber Center, the state board, and UETN."}],"implementationPillars":["Readiness assessment and control mapping","Identity, access, and MFA planning","Endpoint detection and response","Email security and phishing resilience","Network and SASE modernization","Logging, SIEM, and incident evidence","Backup, recovery, and ransomware resilience","Breach reporting workflows and tabletop exercises","Vendor consolidation, procurement, and renewal coordination","Documentation packages for boards, auditors, and state coordination"],"faqs":[{"question":"What does Utah HB 44 mean for school cybersecurity?","answer":"HB 44 creates a statutory LEA cybersecurity standards framework, requires phased compliance with minimum standards set through rulemaking, and formalizes coordination among LEAs, UETN, the Utah Cyber Center, and the state board."},{"question":"Does HB 44 list every technical control schools must buy?","answer":"No. The enrolled bill points to standards established through rulemaking and to implementation guidance from state entities. Schools should avoid buying tools before mapping the final requirements to their current controls and budget."},{"question":"How can Harborcoat help a Utah school district prepare for HB 44?","answer":"Harborcoat can help assess current controls, map gaps to practical security capabilities, coordinate vendors, support procurement, and create implementation documentation aligned to a phased plan."},{"question":"Is Harborcoat a state agency or legal compliance authority?","answer":"No. Harborcoat is a Utah-based cybersecurity and IT advisory partner. We help organizations interpret requirements operationally, but LEAs should rely on official state guidance and legal counsel for compliance obligations."}]},"vendorOperationsLayer":{"title":"Vendor Operations Layer","url":"https://harborcoattech.com/solutions/vendor-operations-layer","summary":"A vendor operations layer is the operating function between leadership, IT, procurement, finance, and security vendors. Harborcoat uses this model to help organizations select, buy, implement, renew, and continuously improve their security stack.","outcomes":["Reduce tool sprawl and overlapping renewals.","Translate business risk into a practical vendor roadmap.","Coordinate implementation across multiple security partners.","Use AWS Marketplace or private offers where they improve procurement fit.","Keep vendors accountable after the purchase through tuning, reporting, and support."],"operatingRhythm":["Inventory the current stack, contracts, usage, owners, and renewal dates.","Map existing tools to required outcomes and compliance pressure.","Identify overlaps, missing controls, and integration gaps.","Prioritize the next 90 days of work across budget, risk, and operational capacity.","Coordinate vendors, implementation tasks, support escalations, and renewal decisions."],"faqs":[{"question":"What is a vendor operations layer?","answer":"It is the coordination layer that turns a collection of security vendors into an operating program, connecting procurement, implementation, support, renewals, reporting, and risk decisions."},{"question":"Why would a public-sector or enterprise team need one?","answer":"Lean teams often have more tools than staff capacity. A vendor operations layer helps them choose what matters, reduce overlap, document decisions, and make vendors work together."},{"question":"How is Harborcoat different from buying directly from a vendor?","answer":"Harborcoat represents the customer side of the stack. We help compare options, coordinate partners, support deployment, and keep the technology aligned to business and compliance outcomes."}]}},"importantPages":[{"name":"Home","url":"https://harborcoattech.com"},{"name":"Solutions","url":"https://harborcoattech.com/solutions"},{"name":"Utah Cybersecurity","url":"https://harborcoattech.com/utah-cybersecurity"},{"name":"Utah HB 44 School Cybersecurity Guide","url":"https://harborcoattech.com/resources/utah-hb-44-school-cybersecurity"},{"name":"Vendor Operations Layer","url":"https://harborcoattech.com/solutions/vendor-operations-layer"},{"name":"Partners","url":"https://harborcoattech.com/partners"},{"name":"Contact","url":"https://harborcoattech.com/contact"},{"name":"Newsletter","url":"https://harborcoattech.com/newsletter"}]}