Security Services. 30 years of experience in IT business

Security Services 30 years of experience in IT business

Table of Contents 1 Security Audit services!...!3 1.1 Audit of processes!...!3 1.1.1 Information security audit...3 1.1.2 Internal audit support...3 1.1.3 Information systems audit...3 1.1.4 Audit of cloud suppliers...4 1.2 Technological audit!...!4 1.2.1 Systems and networks penetration tests...4 1.2.2 Software tests...5 1.3 Consulting services!...!5 1.4 IT Governance and IT Management!...!6 1.5 Risk management!...!6 1.6 Information Security Management!...!6 1.7 Business Continuity Management!...!7 1.8 Cloud security!...!7 1.9 SCADA systems security!...!8 2 Security Software Solutions!...!9 2.1 SIEM (Security Information and Event Management)!...!9 2.2 DLP (Data Leakage Protection)!...!9 2.3 End-Point Protection!...!9 2.4 MOBILE SECURITY!...!10 2.5 IPS (Intrusion Prevention Systems )!...!10 2.6 UAM (User Activity Monitoring)!...!10 2.7 Vulnerability Management!...!10 2.8 Secure Web Gateway (proxy)!...!11 2.9 Secure Mail Gateway!...!11 2.10 NGFW (Next-Generation Firewall )!...!11 2.11 Zero-day protection (sandboxing)!...!12 2.12 Secure authentication (two factor authentication, token)!...!12 3 Security solution suites!...!13 3.1 Adaptive GRC!...!13 3.2 BCM Logic!...!14 3.3 BIC PLATFORM!...!15 2

1 Security Audit services 1.1 Audit of processes 1.1.1 Information security audit We deliver information security audits mainly based on the ISO 27000 family. Depending on the aim and scope of an audit, during the process of examination other norms and standards are being used such as COBIT, internal policies, regulatory and industry requirements and standards. Our offer includes: Audit of information and security systems Penetration testing (ethical hacking) Physical security audit Software legality audit Compliance audit with ISO/IEC 27001 other indicated norms and standards Compliance audit with internal policies and regulations 1.1.2 Internal audit support We perform independent audits of management processes and support internal audit units in fulfilling their tasks. Our offer includes: Completion of ordered audit tasks in areas requiring highly specific knowledge such as: o Audit of projects o Information systems audit o Information security audit Organizing of an internal audit unit Building of an internal audit team Development of an internal audit charter Preparation of audit plans and programs Assessment of internal audit practices required by International Standards for the Professional Practice of Internal Auditing 1.1.3 Information systems audit We perform information systems audits based on COBIT, ISO/IEC 27001 as well as other acknowledged standards and norms. Our offer includes: Audits and specialist reviews: o Business continuity management o Post incident reviews o Change management o Information security management o User management 3

o Audit of projects Compliance audits against laws, standards and internal regulations: o ISO/IEC 27001 o PCI DSS o o other regulatory and industry requirements and standards Audit and assessment of the maturity of IT management processes Information security audit Pre- and post- implementation IT systems audit Suppliers audit 1.1.4 Audit of cloud suppliers We help to evaluate cloud providers and deliver audits on clients or providers behalf. Our work is based on best practices developed by the Cloud Security Alliance. Our offer includes: Configuration review of systems key elements Whitebox and blackbox penetration tests Audit of compliance with laws, regulations, best practices and internal rules Support in implementing CSA Security, Trust and Assurance Registry ( STAR ) certification program 1.2 Technological audit 1.2.1 Systems and networks penetration tests We deliver penetration tests (ethical hacking) aimed to assess organizations network security and the security of its information systems as well as to highlight vulnerabilities, which can be a threat to information security. During these tests we use OWASP best practices. Our offer includes: Vulnerability scanning and systems security tests External and internal penetration testing (black box, white box) Application penetration testing Social engineering tests External and internal vulnerability tests The tests are designed to reveal vulnerabilities, security holes and misconfigurations of systems connected to the Internet and your internal network. External and internal penetration tests 4

The objective for external tests is to simulate an attack on information systems from the Internet. These tests reveal security holes, which can be used by hackers to gain access to confidential information The objective of internal tests is to assess the status of information security system from the internal user point of view e.g. employee, co-worker, contractor. The tests reveal security holes, which can lead to internal frauds. Application penetration tests The objective of these tests is to simulate an attack from the Internet or LAN network on web applications or transaction systems e.g. e-commerce, e-banking, information portal, intranet portal etc. Social engineering tests Social engineering tests relay on security assessment with using non-technical methods (soft). These tests reveal security holes resulting from the human factor e.g. employees and other systems users, who without the proper level of awareness can be a serious threat to information security. 1.2.2 Software tests We plan, perform and interpret the results of software tests. They play crucial role in quality assurance in the software development process no matter if the software is created inhouse or by external suppliers. In case the system implementation is being provided by an external supplier, transition procedures should include the execution of acceptance tests with software tests as an integral part of it. Our offer includes: Management of the acceptance testing process Development of tests plans Development of test cases and test scenarios Performance of acceptance tests including: o Functional tests o Integration tests o Capacity tests o Endurance tests o Security tests 1.3 Consulting services We treat each client individually, we use recognized international standards and we are proud of our professional experience. Services we provide are not only our job but also our passion - that's the reason we deliver top quality services. 5

Ensuring the highest quality of offered services we struggle to deliver tangible benefits to our clients. We work with companies who appreciate added value obtained from projects we jointly implement. While fulfilling audit and consulting services and analyzing the risk we support our efforts using modern software which facilitates the effective usage of the results we provide to our customers. 1.4 IT Governance and IT Management Business utilization of information technologies create new risks and challenges which should be managed. Concept of management and supervision over business usage of information technologies is commonly known as IT Governance. Key issues concerning IT Governance include IT strategy, value delivery, risk management, resource management and capacity measurement. Our offer contains: Preparation of the IT development strategy Maturity assessment of management processes Modeling the organization of IT management Development of the risk management system Preparation of the IT measurement system Complex implementation of IT Governance Analysis and improvement of IT management processes 1.5 Risk management IMMUSEC helps to manage IT and business risk in an intelligent manner. We will help you to understand the risks that the company is exposed to and reduce them to the acceptable level. For the effective operation of the whole process we will train your employees and help to introduce risk management supporting systems. Our offer contains: Development of the risk management strategy Preparation and support while introducing the risk management process. Developing the risk reporting system Risk analysis and preparation of risk maps Support during the development of risk management process documentation. 1.6 Information Security Management Nowadays information is the most valuable asset within organization and is subject to particular protection. IMMUSEC offers a package of complex consulting, audit and training 6

services within a framework of information security management understood as IT security, personal data protection, physical security and business continuity. Our offer contains: Preparation and implementation of the Information Security Management System based on the ISO/IEC 27001 standard Development of information security strategy and policies Creation of personal data protection procedures Maturity assessment of security management processes Conducting the information security awareness programs 1.7 Business Continuity Management The objective of business continuity management is to assure that the company will operate in situation when critical processes are interrupted e.g. as a result of powers of nature, information systems failures, non-availability of key resources or staff. The specific aspect of business continuity, which is critical especially for organizations that base their competitive advantage on the effective information management and automation of processes, is the management of IT service continuity. Our offer contains: Business Impact Analysis Risk assessment and establishment of acceptable level of risk Development of business continuity management strategy. Establishment of efficient crisis management structures Establishing a cooperation plan with stakeholders, suppliers and partners Preparation of business continuity awareness program Defining the recovery of key processes, services and resources Business continuity and emergency plans tests 1.8 Cloud security Cloud computing despite its undoubted benefits carries a lot of threats. In order to fully use its potential and gain expected savings IMMUSEC helps to manage risk and cloud information security. Our offer contains: Preparation for moving into the cloud Supporting the development and negotiating conditions of supplier contract Risk analysis Assistance in order to meet the requirements of certification process (ISO/IEC 27001 and STAR - Security, Trust and Assurance Registry by CSA) 7

1.9 SCADA systems security SCADA have developed from closed, unique systems to the modern solutions, which are often connected to the networks and interfaces. Using the languages, methods and practices, which were previously compromised, makes SCADA vulnerable to the same threats as other systems and networks. IMMUSEC helps to avoid cyberattacks, which may appear in order to obtain the control of the system by cybercriminal. Our offer contains: Performing SCADA systems vulnerability tests, Performing SCADA systems penetration testing, Review of SCADA systems roles and responsibilities, Review of SCADA systems architecture, Review of SCADA systems physical security, Development of security policies and procedures. 8

2 Security Software Solutions 2.1 SIEM (Security Information and Event Management) Our high-performance, powerful security information and event management (SIEM) brings event, threat, and risk data together to provide strong security intelligence, rapid incident response, seamless log management, and extensible compliance reporting. Vendors: McAfee, EandQ (Data Leakage Protection) Discover, monitor, protect and manage your confidential data wherever it s stored and used across endpoints, mobile devices, network and storage systems - with the market-leading data loss prevention solutions. DLP Vendors: Symantec, McAfee, Checkpoint, Fortinet, BlueCoat 2.3 End-Point Protection Endpoint protection solutions (antivirus, HIPS/HIDS, encryption) protect valuable corporate data on end-user devices and shared servers and integrated, centralized management, consistent policies, robust reporting, and proof-of-protection. Vendors: Symantec, McAfee, Checkpoint, Fortinet 9

2.4 MOBILE SECURITY Explore everything the new mobile world has to offer, and do it safely and confidently with industry-leading technologies. When you select new apps, shop online, browse social networks, or use your device for banking and payments, our solution is there to protect you. Our products protect your mobile devices from threats, provide a secure business environment for mobile device use and protect business documents wherever they go. Vendors: Citrix, Symantec, Checkpoint, McAfee, PaloAlto 2.5 IPS (Intrusion Prevention Systems ) A network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits. Vulnerability exploits usually come in the form of malicious inputs to a target application or service that attackers use to interrupt and gain control of an application or machine. Following a successful exploit, the attacker can disable the target application (resulting in a denial-of-service state), or can potentially access to all the rights and permissions available to the compromised application. Vendors: Cisco, Checkpoint, Fortinet, McAfee 2.6 UAM (User Activity Monitoring) Appliance that controls privileged access to remote IT systems, records activities in searchable, movie-like audit trails, and prevents malicious actions. Vendors : ObserveIT, Balabit,Fudo 2.7 Vulnerability Management Vulnerability management is considered a security best practice defensive measure to protect against today's threats. We provide vulnerability management solution to analyze vulnerabilities, controls, and configurations to find the who, what, and where of IT security risk. Vendors: Rapid7, Symantec, McAfee 10

2.8 Secure Web Gateway (proxy) SWG system provide complete control over all web traffic, delivering world-class threat protection. Robust features include user authentication, web filtering, data loss prevention, inspection, and visibility of SSL-encrypted traffic (including the ability to stream decrypted content to an external server with an Encrypted Tap license), content caching, bandwidth management, stream-splitting and more. Vendors: BlueCoat, McAffee 2.9 Secure Mail Gateway Secure Mail Gateway enables organizations to secure their email and productivity infrastructure with effective and accurate real-time antispam and antimalware protection, targeted attack protection, advanced content filtering, data loss prevention, and email encryption. Messaging Gateway is simple to administer and catches more than 99% of spam with less than one in a million false positives. Vendors: Symantec, McAffee 2.10 NGFW (Next-Generation Firewall ) A Next-Generation Firewall (NGFW) is an integrated network platform that combines a traditional firewall with other network device filtering functionalities such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS) and/or other techniques such as SSL and SSH interception, website filtering, QoS/bandwidth management, antivirus inspection and third-party integration This enables to deliver the industry s best evasion prevention along with complete next-generation firewall protections when and where you need it remote sites, branch offices, data centers, and the network edge. Vendors: PaloAlto, McAfee,Checkpoint 11

2.11 Zero-day protection (sandboxing) Zero-day protetion prevents infections from undiscovered exploits, zero-day and targeted attacks. This innovative solution quickly inspects files and runs them in a virtual sandbox to discover malicious behavior. Discovered malware is prevented from entering the network. Vendors: Checkpoint, PaloAlto, Fortinet, BlueCoat 2.12 Secure authentication (two factor authentication, token) A strong authentication solution that validates the identities of users and computing devices that access the non-public areas of an organization s network is the first step in building a secure and robust information protection system. Vendors: SafeNet, HID-Global 12

3 Security solution suites 3.1 Adaptive GRC AdaptiveGRC is an enterprise governance, risk management and compliance (egrc) solution set with unique and unequalled capabilities. AdaptiveGRC can be deployed as one fully interconnected solution suite, or you can choose one or more modules. Changes in technologies, increased regulation and increased globalization are making a fully interconnected governance, risk and compliance system a must have requirement. For all levels of any organization, the ability to measure, monitor and manage your GRC activities rapidly and efficiently is the difference between success and failure. AdaptiveGRC uses a unique data fabric to help bind and connect information and functionality. Every AdaptiveGRC solution is able to leverage this same data fabric. What sets AdaptiveGRC above other egrc and IT GRC Systems? All of your GRC data in one interconnected system, Streamlined workflows leveraging interconnected data, enabling new levels of efficiency, productivity and data visibility, Unequalled, instant management reporting from any stakeholder perspective CFO, CIO, CCO, Privacy Officer, by location, regulation, etc., Accommodates the real environment multiple regulations, distributed systems (often outside the company network), rapid changes, Full audit trail and electronic signature functionality, capable of meeting the US 21 CFR Part 11 requirements. http://candf.com/ 13

3.2 BCM Logic BCMLogic KPI software provides always up-to-date business metrics based on automated reporting, workflow and IT systems data gathering engine. The software helps organizations to have focus on their goals, map their strategies and then monitor and manage performance from high-level strategic goals to operational metrics. It also helps in finding out the causes of underperformance, take action to reduce costs and optimize profitability with the various business areas such as sales, production, customer, services and like. This leverages organizations to analyze real-time information to make more informed business decisions. Clearly IT acts as a strategic weapon to provide competitive advantage. BCMLogic KPI software provides always up-to-date business metrics based on automated reporting, workflow and IT systems data gathering engine: Monitor business processes, IT services and infrastructure real time, Manage incidents from business perspective, assess the risks and impacts, Define response procedures, minimize the reaction times due to automatic workflow, Our innovative concept is to move business continuity to a role of day by day partner for the business. http://bcmlogic.com/ 14

3.3 BIC PLATFORM BIC Platform (Business Information Center) is an application that offers a comprehensive solution for enterprise architecture management in any organization. The database developed in BIC Platform applications provides a central platform enabling knowledge modeling, analysis and visualization of the organization. BIC Platform is a market leader in the area of process-driven organization management. On one hand BIC Platform offers ease of use, allowing you to quickly start working, and on the other hand you get a comprehensive and flexible solution to model the organizational architecture and processes, according to the business needs and requirements. An integrated, comprehensive, complete and extremely easy to use: Build a clear and complete description of business processes, Discover potential of optimization and increase of operational efficiency, Identify relationships linking business processes and IT systems, Define needs, requirements and resources necessary to comply, using a processoriented cost calculation, Design business processes and organizational structures, Prepare and introduce changes and improvements using efficient workflow and communication, Plan and execute internal and external audits using a professional management documentation, Monitor effectiveness of processes and IT systems. http://ateris.pl/ 15