Cyber Security

Cyber Security Challenges

  • Can your network stand up to a hacker?
  • Are your web application and domains core to your organisation secured?
  • Are you on a third party secured cloud infrastructure?

To Address These and Similar Concerns of the Management,
We offer following services:

1. Configuration Audit

We assist conducting configuration audit that includes

  • Review of documentation of security configurations/ security rules defined by the Management. Benchmarking these with global and industry practices like OWASP, helps identification of any gaps that may invite threats to systems.
  • Review of actual security configurations/ security rules set on the servers, firewall etc. to assess effectiveness of security controls.

2. Vulnerability Assessment

Unknown and unaddressed vulnerability is a great threat to entire IT Infrastructure. Timely identification of vulnerabilities of systems and network devices is at the core of cyber security.

We support in setting monthly/ quarterly calendar and performing tool-based vulnerability assessment of

  • Network Infrastructure – Firewalls and Routers
  • Website/ Mobile Application API – Webservers & iOS/ Android API
  • Cloud Servers – AWS, Azure, Google, Private Cloud

3. Penetration Testing

Performing manual tests, over and above tool-based scans, to test the extent of penetration possible into any network infrastructure or systems gives real view of value (assets/ information) at risk.

We support extending Vulnerability Assessment efforts to Penetration Testing that helps not only in prioritizing security patch update process but also better vendor performance reviews where systems management is outsourced to third party services providers.

Key Features

  • Tool based & Manual Tests
  • Benchmarking with OWASP Top 10 Vulnerabilities Database
  • Management Reporting
  • Recommendations

Security Goals

  • Secured network perimeter
  • Safeguards from malicious internal hosts & people
  • OWASP Quality Standard

Compliance Goals

  • ISO 27001, SOC 1 & 2 and Regulatory Compliances

4. Comprehensive Cyber Security Assessment

Security Challenges

  • Are your systems accesses private, controlled & monitored?
  • Is your data at rest and in transit secured from malicious eyes?

With more penetration of technology in our lives, sources and type of risks have also increased. These include, stealing/ leaking personal data, unauthorized access/ abuse to banking, insurance or health data, blocking/ locking of business IT infrastructure or making it unavailable for use.

A comprehensive approach covering all the touch points that may have vulnerabilities towards these risks is required for securing assets and information. We cover following as part of Comprehensive Cyber Security Review

Our Approach To Assess Cyber Security Controls Involve

  • Policy & Procedures
  • As – Is Review
  • Gaps Identification
  • Assist in Maturity Development
  • Periodic Management Reporting

Cyber Security Goals

  • Private, secured & monitored access
  • Secured systems configuration & data
  • Safeguards from malicious internal hosts & people

Compliance Goals

SOC 1 & 2, Regulatory Guidelines, ISO 27001, etc.