Vulnerability Assessment (VA)
A comprehensive health check of a system for exposed vulnerabilities without their direct exploitation.
This is a cost-effective measure in helping organization staying up-to-date when it comes to security.
We provide specialized scanning required for PCI DSS’ compliance. Our scanning is conducted using PCI ASV (Approved Scanning Vendor).
We can customize the framework, scanning strategy and provide customized report consists of vulnerability findings, risk ratings and remediation recommendations.
Penetration Testing (PT)
We perform pen-testing in accordance to the best practices as defined by ISECOM’s Open Source Security Testing Methodology Manual (OSSTMM) and the Open Web Application Security Project (OWASP).
Our experts use both automated tools and manual techniques to identify vulnerabilities that threaten to compromise the security of sensitive information protected by a client’s infrastructure, policies and processes.
From the assessment, we provide a comprehensive report containing identified risks, security weaknesses and misconfigurations as well as specific, actionable steps to eliminate identified vulnerabilities and improve overall security.
PCI DSS (Payment Card Industry Data Security Standard) Audit and Certification
We provide full end-to-end services to assist, guide and help companies to achieve PCI DSS compliant certification.
From the Gap Assessment, Remediation, Audit and Certification including ASV (Approved Scanning Vendor) Scanning, we are representing our overseas partner which is PCI QSA (Qualified Security Assessor) and authorised by PCI SSC to conduct business in Indonesia.
Whether the company is looking for SAQ (Self-Assessment Questionnaires) or full ROC (Report of Compliance), we can provide assistance and suitable customised package to meet customer’s requirements.
Cyber Security Training by TataCyber Academy
TataCyber Academy has a team of global cyber security experts and trainers to provide training from basic security awareness to specific topics in cyber security areas tailored your business needs.
TataCyber Academy is regularly conducting public training and seminars in cyber security areas.
We also provide in-house training at your office with customised topics to suit your organization needs.
Some of cyber security training modules available for on-site or online delivery are:
• Cyber Hygiene
• Cybercrime trends
• Cobalt group targeted attacks on financial organizations
• Computer security incident response team (CSIRT management) training
• Computer forensics of Windows OS, Linux, OSX training
• Memory forensics training
• Network forensics training
• Reverse engineering training
• Data recovery training
• Mobile forensics training
Register your interest in “Contact Us” section to receive regular updates and schedules of our public training and seminars.
Cyber Security Consulting and Advisory
We offer cyber security consulting and advisory that includes the following services:
- Digital Forensic – a process based on the evidence to find specific suspects, determine intent and identify the root cause of a digital asset breach or incident.
- Security Expert Advisory – information security experts and system that can provide advisory support before, during and after security incident.
- Computer Crime Investigation – covers investigation of fraud conducted via computers, phishing schemes, social engineering attacks, spyware and malware analysis.
Group-IB Threat Intelligence and Secure Bank
Threat Intelligence is a vital part of the security portfolio at every enterprise. Mitigating the consequences of cyber-attacks has been becoming increasingly more expensive and time consuming, as displayed in mass media. With the help of cyber intelligence, it’s possible to predict cyber-attacks and prepare for them in advance.
GIB Threat Intelligence provides:
- Strategic information to evaluate real risks and prioritize threats
- Operational data to be ahead of attacks and adjust your security systems
- Tactical indicators minimize the time of incident response
GIB Threat Intelligence is cloud-based service, can be accessed through web browser and no network integration required.
GIB Secure Bank controls risks related to the weakest link in banking cyber security – your clients.
While your customers do not need to install any software, Secure Bank offers financial fraud prevention and detection, guarding them against:
- Malicious injections in Internet payment systems
- Phishing attacks, social engineering attacks
- Unsanctioned remote connection and e‑banking transactions
- Malicious code for online banking fraud that involves making automatic payments or using false account details
- Employing zero-day vulnerabilities to run malicious software and intrusions
ImmersiveLabs
We bring ImmersiveLabs – the state-of-the art Cloud-based Cyber Skills Learning platform from our global partners from Singapore and UK to Indonesia.
Immersive Labs provides real-world training and assessment for cyber teams, managers and anyone who is keen to learn and develop cyber security skills and knowledge.
The platform using gamified and browser-based cyber labs, so the users are immersed in real-world exercises, earn points/badges and can compete with other users in the same organization.
With over 200 real-world cyber lab challenges, the users can access anytime and anywhere the training platform
Checkmarx
Checkmarx has been recognized as one of the leaders in Gartner’s Magic Quadrant in Application Security Testing tool.
Checkmarx CxSAST, CxOSA and CxIAST is comprehensive source code analysis solution that provides tools for identifying, tracking, and repairing technical and logical flaws in the source code, such as security vulnerabilities, compliance issues, and business logic problems.
Checkmarx is available as a standalone product and can be effectively integrated into the Software Development Lifecycle (SDLC) to streamline detection and remediation.
Checkmarx can be deployed on-premise in a private data center or hosted via a public cloud.
It supports more than 25 coding and scripting languages, over 40 frameworks and many regulatory standards (OWASP Top 10, SANS Top 25, PCI DSS, HIPAA, etc.)
Kondukto
Kondukto is an application security testing orchestration tool which allows its users to view all vulnerabilites discovered by different applicaton security testing tools (e.g. SAST, DAST, IAST, SCA, CS) and take actions on them from a single platform.
Kondukto allows users to have a holistic and correlated view of vulnerabilities discovered at all stages of software development
It automates manual processes involved in application security and DevOps, right from the identification of vulnerabilites until the remediation and embeds security tests into the entire SDLC to enable a successful DevSecOps adoption.
Kondukto comes with open source scanners, right out-of-the-box, such as:
- Gosec
- Brakeman
- Bandit
- Findsecbugs
- Security Code Scan
- Dependency Check
- Trivy
It also integrates with various leading commercial scanners such as Checkmarx, Fortify, Rapid7, Sonarqube, NetSparker, etc. Kondukto is official technology partner of Checkmarx.
LearnHack
LearnHack is a virtual cyber labs and online micro-learning courses for students, cyber newbies and aspiring techies to develop cyber skills, on your mobile, at your own pace. It features interactive content designed for mobile experience, tutorials and practical challenges to learn hands-on skills.
You can get your organization’s IT security team trained and upgrade their skills in cybersecurity by getting them on LearnHack virtual cyber labs.
The platform using gamified and browser-based cyber labs, so no complicated setup and preparation are required.
ReaQta-Hive
ReaQta-Hive is the first Artificial Intelligence Threat Response platform that monitors and protects organizations from known and future threats by adopting an entirely new approach, based on A.I. and big data analytics, to secure the endpoints from a constantly evolving cyberthreat landscape.
ReaQta-Hive enhances your enterprise security:
- Full visibility on workstations and servers
- On-demand and real-time queries to the endpoints
- Triage security incidents in seconds
- Strong protection against advanced malware and ransomware
- Clear and easy to use dashboard
- Centralized control of every device, local or remote
ReaQta-Hive leverages on superior NanoOS detection capabilities, Big Data analytics and state-of-the-art Artificial Intelligence, to detect and protect your endpoints in real time, drastically reducing the time to respond to a threat.
MasterSAM
Managing cyber security has become the most challenging mission than ever in today’s fast-growing technology shift.
Government and various industries continue to add new regulations and strengthen existing rules mandating data protection and this includes regulatory compliance such as ISO27001/2, PCI-DSS, MAS-TRM, SOX-404, etc. Silverlake MasterSAM provides integrated suite of Privilege Access Management (PAM) solutions to help organizations stay complied to the regulatory by implementing the security controls which:
- Enforce least privilege model and ensure only authorized users have access
- Build layered security control to isolate and secure the access between users and IT systems
- Detect, manage and control all privileged access and ensure they are governed by 2FA
- Monitor, record and provide comprehensive audit trails for all privileged access
- Build automation of password rotation and ensure all passwords are managed according to the organization’s security policy and eliminate hard-coded passwords by supplying the passwords on a need-basis via secure vault
All Silverlake MasterSAM solutions can be deployed on-cloud, on-prem and as a hardened appliance.
IP-Guard
A powerful IT management and insider threat solution, is used to protect your valuable data, manage employee’s computer usage and online activity, and ease system management.
IP-guard comprehensively and effectively protects what you value. It efficiently prevents data leakage through various channels (e.g., email, IM application, removable storage device, printing)
It effectively safeguards intellectual property, improves work productivity, and reduces IT management workload for organizations of all sizes.
IP-Guard solution is modular, easy-to-deploy and considered as the most economical solution in the market.