contacts - SecureLink

Transcription

contacts - SecureLink
Intelligence
Protection
service catalogue
contacts
Validation
Office 1402, Tiffany Towers - JLT, Sheikh Zayed Road,
Dubai, United Arab Emirates. P.O. Box 99580
T: +971 4 4322416 | F: +971 4 4317051
info@securelinkme.net
Service Support: support@securelinkme.net
securelinkme.net
content
02 about SecureLink M.E.
04 intelligence
06SecurGRC
07SecurSOC
08protection
10SecurAccess
12SecurData
14SecurApp
16SecurNet
19SecureWeb
20SecurPoint
22validation
24SecurTest
25SecurVA
26SecurAudit
27SecurRisk
28SecurPCI
29SecurSCADA
30SecurAssure
31SecurSocial
32SecurCert
about
SecureLink M.E.
SecureLink is a regional security services
provider based in Dubai, UAE catering to
customers across the Middle East region. The
company’s 3-O delivery philosophy (OnLine,
OnDemand and OnSite) harnesses the power
of the Intelligence, Protection, and Validation
platform making SecureLink approach security
services differently – with a Data-Centric pointof-view, focusing on sensitive data to enable
informed security decision-making, and in turn
to effect measurable action.
In a rapidly changing technology driven business environment the complexity for network
and security professionals responsible for ensuring the protection of the organization’s
digital assets is ever increasing. Dynamically changing business requirements,
increasing sophistication of cyber threats and need for reduced response times for
effective business support are the key drivers of pressure. The advent of intelligent and
blended threats has now forced organizations to work with multiple layers of defense to
maintain compliance and protect critical assets.
The complexity introduced by these multiple layers of defense reduces the transparency
of the security infrastructure to be managed. Many organizations continue to use the
traditional point in time assessment methods to validate the security of the various
layers. This does provide some visibility of the environment, but given the dynamism of
the technological growth today, this is not very efficient in contributing to a continuous
monitoring system.
SecureLink brings its unique Intelligence, Protection and Validation methodology
to assist organizations to overcome such challenges of an ever changing threat
landscape by integrating traditional security technologies/solutions with automated
security solutions to create a structured approach for effective information security
implementation. This is a structured, stepwise approach that can be applied in an
iterative model to continually increase the level of automation and protection in an
organization’s information security design.
The bouquet of services offered here can be applied in a
standalone or a combination mode, based on the organization’s
security roadmap and current security posture.
The approach is centered around security intelligence, which
continually monitors all the protection mechanisms and also
receives information from validation processes. A combination
of these feeds is used by the Intelligence component to monitor,
analyze and report on the current state of security of an
organization.
This creates a continual cycle of building security excellence in
your technology environment, by constantly monitoring, validating
and improving the protection of the Security infrastructure. The
following image offers a schematic view of this approach.
SecureLink Solutions
OnLine. OnDemand. OnSite.
02
03
intelligence
A platform that combines and integrates
security intelligence (SIEM) and enterprise
governance, risk and compliance (eGRC)
with deep analytic capabilities and realtime data feeds from hundreds of different
sources to give organizations the ability to
help proactively protect themselves from
increasingly sophisticated and complex
security threats and attacks. The platform
arms organizations with deep insight into
all aspects of enterprise-wide governance,
risk, and compliance.
SecurSOC
Description
enterprise - wide IT security
monitoring and intelligence
Our Security Intelligence Platform integrates SIEM, Risk Management, Log Management, Network
Behaviour Analytics, and Security Event Management into a total security intelligence solution, making
it the most intelligent, integrated and automated security intelligence solution available. As a result, it
enables security professionals to comprehensively prevent, defend, remediate and analyze exploits and
policy violations, all through our unique “one-console” security intelligence approach to:
•
•
•
•
•
Who needs this service?
Delivery Methods
Key Benefits
Supported Platforms
Detailed Operation
Moderating Manager
Inputs
Outputs / Deliverables
Default Items
Optional Items
Excluded Items
Service Availability
Performance Metrics
Charges
06
Our IT Governance Solution reduces the complexity of IT risk management by aligning IT operations
management with corporate business initiatives, strategy, and regulatory requirements.
IT Governance enables organizations to sustain compliance across multiple best practice frameworks
(COSO, CoBit, ITIL, and ISO) and regulations while managing internal IT control and risk according to the
business processes they support.
•
Enables unlimited levels of entities, processes, risks, and control hierarchies to match the unique
structure of an organization.
•
Eliminates redundancies and harmonizes controls across ITIL, COSO, and ISO best practice
frameworks.
•
Delivers on-demand, actionable reporting that can be utilized to monitor IT risks and ensures that
issues are remediated quickly.
•
Identifies and remediates problems quickly and leads to strong enforcement of corporate IT
governance policies.
•
Live links within Microsoft Word, PowerPoint, and Excel refresh embedded charts and reports
automatically for monthly reports, board meetings, while mobile integration allows remote access
to dashboards and reports.
•
Facilitates a flexible approach to risk management that can accommodate changes and align with
an organization’s existing procedures and naming conventions. Lowers total cost of ownership.
•
Leverages existing IT investments to help lower total cost of ownership while improving overall
IT performance.
Who needs this service?
Organizations that has invested in IT Compliance and need to work on Evaluating Risk and Compliance
from an Operational Prospective.
Organizations pursuing regulatory compliance with Governmental Mandates and International Standards
(ISO 27000, HIPAA, PCI-DSS)
•
•
•
OnLine: Cloud Based Security Monitoring Services
OnSite: On Site Deployed System
OnSite Deployment with On Line Management
•
•
•
•
•
•
Security Logs Correlation and Analysis
Configuration Risk Analysis and Reporting
Network Activity Monitoring
Application Activity Monitoring
Virtual Platform Activity Monitoring
Active and/or Passive Vulnerability Assessment
•
•
•
•
•
•
•
•
•
AntiVirus and Host Protection
Authentication and DHCP
Databases
Enterprise Applications
Firewalls/VPN
Host Logs
Intrusion Detection
Intrusion Prevention
Network and Application Flow Data
•
•
•
•
•
•
•
•
•
Delivery Methods
Operating Systems
Point of Sale/Smart Grid
Routers/Switches
Security Appliance and UTM
Storage Management
VPN
Vulnerability Scanners
Web Server, Proxies, Mail, Other
Wireless Management
Key Benefits
The platform collects Security Logs from multiple Event Sources using Syslog, SNMP, SDEE, FTP, SFTP,
SCP, AXIS, LEEF, JDBC, or WMI Interface, in addition to collecting NetWork Flow Details and port spans. It
then performs intelligence operations by correlation and analysis of these security logs and furnishes
details about the current security status before displaying it in a centralized dashboard. The platform
identifies offenses against the event sources and reports it to the system operators so they can be
handled, delegated, or escalated.
Head of Information Security Intelligence Unit
OnLine Service: Host platform is Highly Available and hosted in a Tier 3 Data Centre, 99.99% Availability.
To assure high availability, the client needs to have a redundant connectivity between the infrastructures
OnSite Service: All devices are configured with High Availability, and can be extended with HA Devices
and DR Devices. Support includes standard 8x5 and 24x7.
a business approach to
IT governance, risk, and compliance
Description
Detect threats that others miss
Consolidate data silos
Discover insider fraud
Evaluate risks against your business
Exceed regulation mandates
Detailed Specifications
Service Levels
SecurGRC
OnSite
•
Single Data Repository: A central source for all risk documentation including entities, processes,
risks, controls, tests, and test results. Full document management provides check-in/check-out,
version control, and audit trail capabilities.
•
Business Analytics and Decision Support: Dynamic dashboards, charts, and dimensional reporting
give insight into the state of risk across the organization. Drill-down through sub-reports for root
cause analysis. Provides browser-based ad hoc, drag-and-drop report design.
•
Comprehensive Workflow: Automatic notification and routing of IT-related activities. Tracks and
documents all relevant IT incidents and facilitates root cause analysis. Initiates investigative
workflows driven by top-down planning and business risk.
•
Microsoft® Office and Smartphone Integration: Microsoft Office and smartphone integration lets
users collaborate and access data anytime, anywhere.
•
Fully configurable: 100% configurable by business users, including forms, user interfaces,
language, reporting, workflow, and system-wide settings.
•
Integration with Enterprise Infrastructure Management Applications: Provides interoperability
with third-party technologies, including network and systems management tools, security
management continuous controls monitoring systems, and configuration management databases.
Supported Platforms
System integrates with multiple Event Sources (OS, Application, SIEM Platform, Vulnerability Management
Platform, etc.) to benchmark policy compliance and report incidents
Detailed Operation
After the Assets list is fed to the system, they can be assessed and scored to understand and analyze
their significance in terms of benefit to the business as well as the total exposure they have.
Based on information collected from the Assets in scope, the system will benchmark compliance of these
assets and will evaluate the organization’s IT Risk and Compliance.
Compliance Requirements, Systems included in scope
Real Time Intelligence of IT Security Status | Historical Status and Events Reporting
Moderating Manager
Head of Information Security Intelligence Unit
Security Auditing to be enabled on various IT Assets
Applications to be EAL 4, or at least to have structured Security Logging facility
IT Security Acceptable usage guidelines
Platforms without Security Auditing Facilities
OnLine and OnSite: 24/7 365 days a year
Up-time statistics | Security Events per Second | Flows per Minute
Events per Second | Flows per Minute | Network Devices | Storage Capacity
07
protection
Provides in-depth security protection
for user, data, application, network and
endpoint functions through best-of- breed
security solutions that helps organizations
achieve reliable information security to
protect assets with a Data- Centric pointof-view, focusing on sensitive data as it’s
the most critical assets.
SecurAccess
Description
Who needs this service?
Delivery Method
Key Benefits
cloud-based authentication
This service provides multifactor user authentication to customers who have an online platform that
requires authentication. It brings an opportunity for all scales of business to have a secure dual factor
authentication mechanism in place while avoiding the cost overhead and the security risks that may
come with using the internal authentication mechanism with online and web access that will be used by
your customers or internal users.
Organizations that have multiple users that authenticate through a web portal or online applications to
access organizational data.
•
•
•
•
•
•
•
•
•
Detailed Operation
•
OnLine (cloud based)
•
Supported Platforms
•
Acquirable even if the required number of users is one.
Supports a wide range of tokens and token-less authentication methods allowing each user to
choose the right token type for their individual needs.
Supports 3rd party tokens ensuring that existing investment in tokens is not lost when users migrate
to our solution.
The comprehensive degree of automation in the solution drastically reduces the cost of management
and administration.
Tokens do not expire and can be re-issued to new users, vastly reducing the cost of ownership and
administrative burden.
Provides the overall lowest total cost of ownership of any authentication solution in the market.
Provides a comprehensive self-service portal allowing users to carry out many functions which
would have traditionally only been resolved by a help desk call.
Liberty to choose from soft or hard tokens.
Minimum Capital Expenditure.
24/7 365 support and service management
•
•
•
•
•
•
Moderating Manager
Automated provisioning, management, and de-provisioning of users and tokens, including:
•
Bulk pre-allocation and de-allocation of any token type to groups of users based on
administrator-defined policies, saving time and money.
•
Provisioning self-enrollment so that any user can take any token and enroll without
administrator intervention.
A flexible policy management approach that lets you specify blanket definitions combined with
highly granular policy options
Pre-defined best-practice security policies based on Roles and Delegation rights
Supports multiple business unit entities (and associated network domains) so that the system can
be both centrally controlled and managed but still be delegated to the relevant business units for
local user administration
The ability to sync, import, or manually load authentication system users into the cloud-based
Authentication Service
Automated scheduled reports using predefined or customized templates that can be exported to
third-party applications and dashboards.
The widest choice of authentication tokens and token-less methods, including support for thirdparty tokens, such as OATH
Full customization that allows complete definition and control of your users authentication journey
Head of Information Security Protection Unit
Detailed Specifications
Web portals, web sites, web applications, cloud platform
Authentication Service uses the industry-standard RADIUS and SAML protocols, which essentially
means you can integrate it into any access device or application you like, including all those from major
manufacturers.
Applications and devices that do not support these industry standard protocols can be protected by
installing an Authentication Service agent or integration through the API code provided by SecureLink.
Service Levels
SecureLink will ensure that the Authentication Service will be Available for not less than 99.999% of
the time.
Inputs
Information about the customer environment, gathered during the implementation phase such as
existing authentication methods, Active Directory/LDAP, etc.
Information about current users and beneficiaries of this service
Outputs / Deliverables
Default Items
Optional Items
Excluded Items
Service Availability
Performance Metrics
Charges
10
Accounting reports
Cloud based authentication service; soft tokens
Administration portal for user management; hard tokens
Isolated infrastructure
24/7 365 days a year
Up-time statistics | Secured Authentication | Fast provisioning | Compatibility
Per number of users and/or hard tokens
11
SecurData
Description
data classification
Description
This service is developed to assess the vulnerabilities in databases and assess the security level of the
current configuration on the database
Data classification is the process of separating data into distinct categories or levels by which
different controls, policies and requirements apply. It helps organizations effectively answer the
following questions:
Who needs this service?
Organizations interested in securing their databases by identifying and patching/removing its threats
and vulnerabilities
What data types are available?
Where certain data is located?
What access levels are implemented?
What protection level is implemented and does it adhere to compliance regulations?
Key Benefits
Key Benefits
Organizations that need to strengthen their risk management practices and effectiveness, and to comply
with legal and regulatory requirements. Data classification classifies the organizations data so it can be
found quickly and efficiently.
•
•
Detailed Operation
Bridge and build a single acknowledged standard for data classification between IT and management
and/or other departments.
When data classification is done, it eases the process of compliance and implementation of security
standards and tools such as DLP, file encryption, etc.
Enable organizations to identify what type of data exists in their network, how is this data accessed
and evaluate the current access and usage policies for each type of data.
The SecureLink team will use manual methods such as onsite interviews with data owners, users,
custodians in addition to using certain tools as necessary to develop and identify the different types of
data and the relevant criticality for all the data used within the organization.
In addition, the SecureLink team will utilize their expertise to determine each data type and classify the
information gathered and set the correct classification against the existing company policies and any
compliance standard the organization is complying with.
Moderating Manager
Detailed Operation
Moderating Manager
OnDemand
All platforms, excluding DB2 on z/OS
•
•
•
Identify the vulnerabilities in your databases.
Acquire a full comprehensive report about all the database vulnerabilities and required patches.
Secure your databases against the latest threats
SecureLink team leverages advanced tools and security expertise to sweep across the customer’s
network searching the databases and listing all the vulnerabilities, required patches, recommended
configuration changes, etc.
Head of Information Security Protection Unit
Detailed Specifications
OnDemand
•
Delivery Method
Supported Platforms
When implemented, data classification provides a bridge between IT professionals and process (or
application) owners. IT staff is informed about the data value and on the other hand management (usually
application owners) understands better to what segment of the data centre has to be invested in to keep
operations running effectively.
Delivery Method
database vulnerability assessment
This service classifies structured and unstructured data existing in an organization’s network, which
provides an effective and quicker way to find data.
•
•
•
•
Who needs this service?
SecurData
Inputs
Outputs/Deliverables
Excluded Items
Performance Metrics
Charges
Database information (IP address, Administrator account access)
Full database vulnerability assessment report that includes the vulnerability, explanation and suggested
solution.
Remediation of vulnerabilities
Report Quality | Level of Details | Relevance
Per man-day
Head of Information Security Protection Unit
Detailed Specifications
Inputs
Outputs/Deliverables
Default Items
Performance Metrics
Charges
12
The required classification
classification process
scheme, and
information
needed
to
run
and
complete
the
Data classification report
1.
2.
Data classification for structured data such as database content
Data classification for unstructured data
Report Quality | Level of Details | Relevance
Per man-day
13
SecurApp
application code assessment
Description
This Service reviews the source code of the Applications and lists recommendations and suggestions to
secure the code by following industry standard security best practices for code development.
Who needs this service?
Organizations who want to assess the source code of their applications from security
point-of-view/perspective.
Delivery Method
To help customers build and construct applications in a secure manner, reducing future security issues
and creating applications that follow security standards.
Detailed Operation
SecureLink professional services team will use advanced set of skills and tools to scan the application
source code provided by the customer and develop a full report listing all vulnerabilities and issues
identified in the solution.
Head of Information Security Protection Unit
Outputs/Deliverables
Default Items
Optional Items
Excluded Items
Performance Metrics
Charges
Platform assessment service offers a full system review from architectural and component configuration
perspective such as Windows AD system, Email platform, etc.
This service offers:
•
Full architectural component placement review
•
System configuration review
•
Security management review
•
Review of middleware components and configuration (if installed)
•
Detailed findings and recommendations report.
Who needs this service?
Any organization that has a need for a professional assessment of their existing platforms such as email,
ERP systems, Windows AD systems, etc.
Delivery Method
Key Benefits
Detailed Operation
Application source code provided by customer
Full report listing vulnerabilities and security risks in the code along with suggested correction and
changes to be applied.
Source code assessment
Published environment assessment
Remediation of Vulnerabilities
Moderating Manager
•
•
Review of technology and management controls
Review operating system and application configuration that may lead to information leakage or
system breach
Review of core middleware systems that may result in network breach
SecureLink security experts will analyse the platforms in scope, in addition to interviews and analysis of
the configuration, access policy and operation method, etc.
Head of Information Security Protection Unit
Detailed Specifications
Inputs
Platform information and necessary access authorization
Outputs/Deliverables
•
•
•
•
•
Performance Metrics
Report Quality | Level of Details | Relevance
Report Quality | Level of Details | Relevance
Per man-day
Charges
14
OnDemand
•
Detailed Specifications
Inputs
platform assessment
Description
OnDemand
Key Benefits
Moderating Manager
SecurApp
Full architectural component placement review
System configuration review
Security management review
Review of middleware components and configuration (if installed)
Detailed findings and recommendations report.
Per man-day
15
SecurNet
SecurNet
distributed denial of service (DDoS)
monitoring and mitigation
Description
DDoS monitoring and mitigation provides companies with the most trusted distributed denial of service
(DDoS) mitigation service. DDoS protection successfully blocks the biggest and most complex DoS and
DDoS denial of service attacks that often overwhelm organizations.
Who needs this service?
Organizations under the threat of DoS/DDoS attacks. Organizations that experienced these attacks in the
past and are in the process to equip themselves to prevent and mitigate any future attacks.
Key Benefits
Distributed Denial of Service (DDoS) attacks pose a significant threat to most businesses, jeopardizing
networks, websites, revenues and even reputation. Thus a methodology to mitigate this attack and its risk
must be in place for every organization.
Delivery Method
Detailed Operation
Moderating Manager
Outputs/Deliverables
Default Items
Optional Items
Service Availability
Performance Metrics
Charges
16
Description
Security devices are critical in any network, as they are capable of protecting your company’s valuable
data and assets from the wide range of tools available to cyber criminals.
However, poorly managed network devices can be more of a threat than a protection point. Thus,
SecureLink offers you the ability to offload the duties of managing the security aspect of your firewall to
its own professional and highly skilled security engineers who are well-versed to aid you in taking the most
out of your firewall. We make sure that you keep pace with today’s increasingly complex network security
threats, and ensure appropriate access controls are consistent with the company’s core competencies
and security requirements.
Who needs this service?
Organizations that lack the presence of a team that has the time and security expertise to ensure they
receive the most advanced protection and performance from their firewall device.
OnLine
The service is provided by linking your gateway/uplink to the internet to our DDoS mitigation centers
(Either by BGP route change, Proxy or direct connection) that are capable of handling more than 200Gbps,
thus eliminating any choke points in your network as no hardware is installed.
Head of Information Security Protection Unit
Detailed Specifications
Inputs
network devices management
and monitoring
Necessary information needed to connect our DDoS protection and mitigation centres to your network.
DDoS mitigation for every application layer including Layer 3, 4, and 7
Protect against encrypted attacks that vandalize HTTPS traffic in real time.
(Certified FIPS-140-2 Level 3 key management encryption tools with passive SSL decryption provide
extremely high performance).
DDoS mitigation
Supported Platforms
3Com
Acme Packet
ADTRAN
ADVA Optical Networking
ALAXALA
ALAXALA Networks
Alcatel
Allied Telesis
Arista Networks
Aruba
Avaya
Blue Coat
Brocade
Canoga Perkins
Checkpoint
Ciena
Cisco
Citrix
Dax
Dell
DIGI
DLink
Enterasys
Extreme
F5
Force10
Fortinet
Foundry
Fujitsu
H3C
Hirschmann
Hitachi
HP
Huawei
Juniper
Meru
Mistletoe
Motorola
MRV
NETGEAR
Nortel
Palo Alto
Proxim
Radware
Riverbed
Siemens
SlimLine
Vanguard
WatchGuard
Yamaha
DDoS Monitoring
24/7 365 days a year
Up-time | Time of Remediation | Scalability | High bandwidth size
Variable
17
Delivery Method
OnLine (remote engineers will manage through SecurSOC)
Key Benefits
To keep pace with today’s increasingly complex network security threats. Security policies and
configurations must be updated to ensure appropriate access controls are consistent with changing
corporate environments. In many cases, companies struggle to allocate the appropriate resources toward
core competencies and security requirements.
Detailed Operation
Firewall will be managed and handled by a team of experienced security engineers to ensure you are
provided the following key benefits:
•
Provide 24/7 protection and support
•
Forward firewall logs for archiving and forensics
•
Correlate firewall log data with information collected from other managed devices (if present).
•
Monitor health and security events 24/7
•
Notify customers of major security and health issues and provide event descriptions, context, and
high-level remediation suggestion.
•
Change firewall rules
Moderating Manager
Head of Information Security Protection Unit
Detailed Specifications
Inputs
Outputs/Deliverables
Network devices access and authorization
•
•
Monthly security assessment per device with quarterly reporting
Security assessment per change
Reporting per quarter based on compliance standards
Provide 24/7 support
Real-time monitoring of health and ensured availability of the firewall
Provision for detailed and contextual event descriptions with high-level remediation suggestions for
identified issues
ITIL based change management process
Firewall management assessment.
Optional Items
•
•
Forward firewall logs for archiving and forensics
Correlate firewall log data with information collected from other managed devices.
Excluded Items
•
•
Updating and patch management
Termination of VPN connections, etc.
Service Availability
Performance Metrics
Charges
•
•
•
•
•
•
24/7 365 days a year
SecurWeb
Description
total web security
SecurWeb TWS is a package that will cover assessment and protection for all web components such
as your website and hosting servers and infrastructure (web facing network firewalls and intrusion
preventions systems) down to the website content inspection.
The value of “Total Web Security” is that it will keep you at the highest level of readiness from attackers
that are targeting your websites and web applications, as well as your internet facing infrastructure.
Total Web Security methodology is not only an assessment against assets and contents, but it includes
24/7 monitoring and early alerting services provided by “800-Cyber” SecureLink’s Security Operations
Center
Who needs this service?
Delivery Method
Key Benefits
Response time | Time of Remediation | Availability
Per device/request
Detailed Operation
Any organization that has a website hosted at their premises or at a hosting provider
OnLine
•
•
•
•
•
Web sites and applications BlackBox penetration testing
Web servers vulnerability assessment
Internet facing firewalls assessment
Internet facing intrustion prevention systems assessment
24/7 web site security monitoring and early alerting
SecureLink security experts will start the project by conducting the web infrastructure assessment
such as website penetration testing, moving to web server vulnerability assessment and network device
assessment (firewalls and intrusion prevention systems) as SecureLink will ensure all vulnerabilities
and threats are rectified and the Security Operations Center teams will start passive monitoring of
the website.
SecureLink is subscribed to the world’s largest multivendor online threat database to be ahead of time
in alerting on any zero-day vulnerability that becomes known to the labs. While this happens, SecureLink
has an automated system to compare the threat against the monitored website or web application and
alert to take preventative measures until the vendor patches the vulnerability.
Moderating Manager
Head of Information Security Protection Unit
Detailed Specifications
Inputs
Charges
18
Website or web application details and infrastructure information
Per domain/device
19
SecurPoint
forensic analysis
Description
Computer forensics, also called “Cyber-forensics”, is the application of computer investigation and
analysis techniques to gather evidence suitable for presentation in a court of law. The goal of computer
forensics is to perform a structured investigation while maintaining a documented chain of evidence to
find out exactly what happened on a computer and who was responsible for it.
Who needs this service?
Any organization that has been attacked, breached or is suspecting a breach can benefit from this
service. Additionally, organizations that would like to be ready and prepared with the necessary forensic
tools in case any breach happened
Delivery Methods
OnDemand
Key Benefits
Perform forensic analysis and investigation to any breach/suspected breach you had and take advantage
of the highly skilled SecureLink engineers to provide a quick and sharp incident response and analysis
investigation while ensuring you maintain the highest level of confidentiality.
Detailed Operation
Forensic investigators typically follow a standard set of procedures: After physically isolating the
computer in question to make sure it cannot be accidentally contaminated, investigators make a digital
copy of the hard drive. Once the original hard drive has been copied, it is locked in a safe or other secure
storage facility to maintain its pristine condition. All investigation is done on the digital copy.
Moderating Manager
SecurPoint
host-based protection
Description
Host based protection is a service that provides a flexible protection mechanism that monitors, detects
and counters against the known cyber threats utilizing the following :
•
Host based intrusion prevention system
•
Host based anti-malware and anti-virus system
•
Host based data protection/data leakage prevention system.
Who needs this service?
Organizations that want to make sure their end points are secured to the best possible level from
intrusions, malware, viruses and data leakage.
Delivery Method
Detailed Operation
Moderating Manager
OnLine
Endpoint security solutions are deployed on the systems that are in scope. The solutions are fully
managed and maintained by SecureLink for updates, patches and signatures, etc.
Head of Information Security Protection Unit
Head of Information Security Protection Unit
Detailed Specifications
Outputs/Deliverables
Complete forensic analysis and investigation report on the suspected attack/breach in a timely and
secure manner ensuring your privacy and confidentiality of the incident.
Performance Metrics
Report Quality | Level of Details | Relevance
Charges
Per man-day
Detailed Specifications
Outputs/Deliverables
Charges
20
•
•
•
Host based intrusion prevention system
Host based anti-malware and anti-virus system
Host based data protection/data leakage prevention system.
•
•
•
•
Protection methodology
Attack mitigation
Low resources utilization
Automation
Per agent
21
validation
Delivers a range of security services
to simplify security management and
to accelerate the speed of real-time
protection against threats by detecting
attacks, assessing vulnerabilities, and
responding with effective remediation.
SecurTest
Description
Who needs this service?
Delivery Method
Key Benefits
Detailed Operation
Moderating Manager
web penetration testing
SecurTest offers regular or on demand analysis of internet facing gateways such as network nodes,
websites, and applications for potential vulnerabilities that can result from poor or improper coding,
software flaws, and weaknesses. Security posture needs to be examined on a regular basis to account for
the evolution of new Internet threats.
SecurVA
Description
Any organization that has a web facing gateways of organizations, portals, and website or network
gateways, accessible 24/7 from anywhere in the world.
Penetration testing is a method of evaluating the security of a computer system or network by simulating
an attack from a malicious source. The process involves an active analysis of the system for any potential
vulnerability and then leveraging the same to simulate a controlled attack. The result of this exercise
helps in getting a report about the practical reality of the security posture and this can then be utilized
either to reinforce confidence on the network or to identify and implement technical countermeasures to
block identified weaknesses.
A Vulnerability Assessment is an examination of all the technical vulnerabilities present in a network.
Both external and internal vulnerabilities must be identified and validated to provide a “hackers view”
into the network and systems.
Vulnerability Assessment involves the discovery and documentation of known vulnerabilities in predefined systems which can be exploited to obtain unauthorized access and compromise confidentiality,
integrity and availability of information. Securing your network begins with first knowing every network
device and software application that resides within your infrastructure.
OnDemand
As many as 70% of websites have vulnerabilities that could lead to the either damage to reputation,
or theft of sensitive corporate data such as credit card information and customer lists. Hackers are
increasingly targeting web facing gateways of organizations, portals, and website or network gateways,
to disrupt business for ulterior motives. Accessible 24/7 from anywhere in the world, insecure web
gateways provide easy access to corporate resources and reputation. Also, hackers have been known
to compromise a site or gateway to use it to perform other nefarious activities on the web, thereby
transferring the legal and reputational liability of their acts to the company whose resources have been
compromised. A victim’s website can be used to launch criminal activities such as hosting phishing sites
or to transfer illicit content, while abusing the website’s bandwidth and making its owner liable for these
unlawful acts.
OS and app
vulnerability assessment
Who needs this service?
Delivery Method
Organizations that have critical servers hosting a variety of operating systems and applications and are
looking for a way to assess their current security level and closing any gaps or vulnerabilities present in
these systems.
OnDemand
Key Benefits
A regular vulnerability assessment keeps an organization abreast of changes in their security posture in
relation to their business environment.
Detailed Operation
SecurVA discovers all available OS and applications in your network, including desktops, servers,
operating systems, applications as well as many other network elements. Consequently, a global database
is effectively referred, to check for existing vulnerabilities in these devices. These checks can be on a
regular periodic basis or as an on demand service. Since the technology for internet is very dynamic and
changing rapidly, the security posture of any organization is liable to change based on the technological
developments of the industry.
Moderating Manager
Head of Information Security Protection Unit
Head of Information Security Protection Unit
Detailed Specifications
Detailed Specifications
Inputs
Outputs / Deliverables
Performance Metrics
Charges
24
Inputs
Internet web facing application addresses, portal addresses, internet facing device information, access
credentials (if required)
•
•
•
•
•
•
•
•
Minimized enterprise risk exposure.
Pro-active identification and remediation of security risk and breaches.
Meet the auditing/compliance aspects of regulations such as HIPAA, GLBA, PCI and Sarbanes-Oxley.
In-depth investigation of enterprise systems from an internal or external perspective.
Optimized deployment of security resources.
Generate an effective case for security infrastructure investments.
Checks security of secured pages normally protected by passwords
Minimized chances for reputational loss
Outputs / Deliverables
Performance Metrics
Charges
List of present OS servers, desktops, and applications to be covered in the vulnerability assessment.
•
•
•
•
•
•
Proactive focus on information security
Find proactive identification of potential vulnerabilities
Reduced security risk with up-to-date and patched systems
Protection of confidential information and intellectual property
Reduced risk of financial and reputation loss
Increase internal compliance level
Report Quality | Level of Details | Relevance
Per man-day
Report Quality | Level of Details | Relevance
Per man-day
25
SecurRisk
Description
The SecurRisk service enable a customer to identify, assess and act on the risks to the environment in
which they function. The service is used to assess risks to organizations in a quantitative or qualitative
fashion. A comprehensive risk management process covers risks related to people, processes and
technology bringing various aspects of risk together to enable better decision making.
Who needs this service?
Any organization which wants to put a methodical process in place to identify, assess and evaluate risks.
Delivery Method
Key Benefits
Detailed Operation
SecurAudit
Description
Who needs this service?
Delivery Method
Key Benefits
Detailed Operation
Moderating Manager
information security audit
The SecurAudit service allows customers the ability to review the quality of their security controls to
ensure their effectiveness and comprehensiveness. The SecurAudit service is done using sophisticated
automated and manual methods which provide an in-depth review of the security controls implemented.
Any organization wishing to review the effectiveness and coverage of its security controls.
OnDemand
•
•
•
•
Unbiased and expert independent input
Comprehensive coverage of security controls
Reduce risk and liability
Improve accountability and reliability
information risk management
Moderating Manager
OnDemand
•
•
•
•
•
•
Aligned to international best practices
Individually tailored to the client and their business
Quantitative and qualitative methodology
Granular risk assessment covering each individual asset
Detailed methodology which is comparable and repeatable
Extensive knowledge transfer and training
The service involves development of a risk management methodology and detailed assessment carried
out by security professionals at the client premises. The assessment is carried out using automated and
manual methods of information gathering.
Head of Information Security Validation Unit
Detailed Specifications
Inputs
Information regarding the processes and assets in scope
Outputs / Deliverables
Risk management methodology, risk assessment report, and risk treatment plan
Default items
Risk Management methodology developed against ISO 27005:20011, ADSIC, NIST
Optional items
Excluded Items
Performance Metrics
Charges
Assistance in closing process related risks
Supply of technology or tools
Report Quality | Level of Details | Relevance
Per man-day
The SecurAudit service is conducted by seasoned information security professionals at the customer
site. The service covers people, process and technology related controls.
Head of Information Security Validation Unit
Detailed Specifications
Inputs
Outputs / Deliverables
Default items
Optional items
Excluded Items
Performance Metrics
Charges
26
Information regarding the processes in scope
Audit report
Audits carried out as per ISO 19011. Audits done against ISO 27001, PCI-DSS, COBIT, ADSIC etc.
Audit procedure and methodology
Aspects out of agreed scope
Report Quality | Level of Details | Relevance
Per man-day
27
SecurPCI
Description
Who needs this service?
Delivery Method
Key Benefits
Detailed Operation
Moderating Manager
PCI-DSS compliance
The SecurPCI service allow organizations that are required to comply with PCI-DSS requirements to
assess their readiness to the standard. The service validates the requirements of the PCI-DSS standard
against the current controls implemented in the organization and provide a roadmap for adherence or
continued compliance.
Any organization wishing to adhere to or review its adherence to PCI-DSS requirements.
OnDemand
•
•
•
•
Assessments done by Qualified Assessors
Extensive Industry experience
In-depth assessment of Cardholder Data Environment(CDE)
Granular review of firewalls and security devices
SecurSCADA
SCADA assessments
Description
SecurSCADA service is aimed at securing industrial control systems. The service covers in-depth
assessments of industrial control systems, training of personnel, deploying security controls and
processes for sustenance of the security program.
Who needs this service?
Any organization using industrial control systems (ICS) and interested in ensuring the security of
these systems.
Delivery Method
Key Benefits
The service involves an on site visit, detailed assessments and validation of controls.
Head of Information Security Validation Unit
Detailed Operation
Moderating Manager
OnDemand
•
•
•
•
•
•
•
•
Analysis of the firewall, router and switch configurations
Analysis of the SCADA, DCS, and EMS security configurations
Analysis of the IP-based field device configuration
Interviews with managers, operators, engineers and system administrators
Review of policies, procedures and related documents
Analysis of availability related to component failure and widespread disaster
Analysis of the ability to recover from a cyber attack
Analysis of the physical security of cyber assets
The service involves an on site visit, detailed assessments and validation of controls on ICS.
Head of Information Security Validation Unit
Detailed Specifications
Inputs
Outputs / Deliverables
Default items
Excluded Items
Performance Metrics
Charges
As per Information gathering checklist
Assessment report with recommendations
Assessments done against NIST SP 800-82/53, ISO 27002, NERC CIP
Restricted to scope defined
Report Quality | Level of Details | Relevance
Per man-day
Detailed Specifications
Inputs
Outputs / Deliverables
Default items
Optional items
Excluded Items
Performance Metrics
Charges
28
Information on the CDE
Assessment report
Assessment on the requirements of the PCI-DSS V2.0 standard
Confirmatory Assessment
PCI-DSS Certification
Report Quality | Level of Details | Relevance
Per man-day
29
SecurSocial
Description
The SecurSocial services offers customers the opportunity to manage, monitor and enforce information
security policies of the organization on the use of social media.
Who needs this service?
Any organization keen on monitoring their social media presence from an information security
perspective, and any organization interested in allowing controlled access to social media for their staff.
Delivery Method
Detailed Operation
Moderating Manager
SecurAssure
The SecurAssure service is aimed at ensuring the continuity of operations of an organization. The service
is aimed at building an effective business continuity management system and improving the resilience
of its operations
Who needs this service?
Any organization interested in improving the resilience of its operations and ensuring the continuity of its
business in adverse conditions
•
•
•
•
Structured approach to business continuity
Qualitative or Quantitative Impact Assessment related to business requirements
Increase organizational resilience
Improved customer satisfaction and loyalty
Detailed Operation
•
•
•
•
•
•
BCMS Mandatory Documentation
Business Impact Analysis
Risk Assessment
Business Continuity Strategy
Business Continuity Plans
Exercise and Audit
Head of Information Security Validation Unit
Outputs / Deliverables
Default items
Optional items
Excluded Items
Performance Metrics
Charges
30
Head of Information Security Validation Unit
Detailed Specifications
Inputs
Outputs / Deliverables
Default items
Detailed Specifications
Inputs
This service is a combination of OnSite and OnLine, with most of the effort OnLine. For monitoring, our
teams use the OnLine component, and for controlling the social media use, we use the OnLine and
OnSite methods.
OnDemand
Key Benefits
Moderating Manager
OnLine, OnDemand, OnSite
resilience
Description
Delivery Method
manage and monitor social media
Performance Metrics
Standards based checklist
Charges
From social media on the internet
Report
Manage, monitor and enforce organizational policies on the use of social media
Report Quality | Level of Details | Relevance
Per man-day
Establish a business continuity management system
Assessments done against ISO 22301, PAS77, ISO 27001
Training, methodology development
Supply of software/technology
Report Quality | Level of Details | Relevance
Per man-day
31
SecurCert
Description
Who needs this service?
Delivery Method
Detailed Operation
Moderating Manager
security awareness training
This service is provided to customers to create security awareness in their organization.
Organizations interested in End User Security Awareness.
OnLine, OnDemand, OnSite
Custom trainings developed as per customer requirements
Head of Information Security Validation Unit
Detailed Specifications
Service Levels
Inputs
Outputs / Deliverables
Default items
Optional items
Excluded Items
Service Availability
Charges
32
User feedback
Training requirements
Security awareness evaluation report
Training and training material
Printed material
Books or any other supporting material
8/5
Per man-day