ISO 27001 Framework Implementation: - Development, implementation and maintenance of Information Security Management System framework (ISO 27001)
Information Risk Assessment: - Conducting in-depth reviews, risk assessment and selecting appropriate risk mitigation strategies aligned to ISO 27001.
Vulnerability Assessment and Penetration Testing.(Application): - Conducting vulnerability assessment as per OWASP guidelines and validating closure.
Vulnerability Assessment and Penetration Testing.(Infrastructure): - Conducting vulnerability assessment through discovery, prioritization, assessment, reporting, remediation and verification, for both periodic & unplanned scans.
Datacentre Audit: - Conducting security audits for evaluating control effectiveness for storage, backup, network, patch management, asset management, perimeter security, facility, computer room/cabinet, physical space, flooring, standby power, data cabling, cooling, fire suppression, access & environmental control.
Data Leakage Prevention (DLP): - Managing implementation of DLP solution, which provides content/context aware policy enforcement to discover, monitor, identify and prevent leakage of confidential information at rest/in use/ in motion, across network/endpoints/data centre.
Secured Code Review: - Auditing the source code of applications through static and dynamic analysis to ensure proper security controls are present at code level, and application has been developed to be “self-defending” in its environment.