Cyber Security Needs and Challenges

Happiest Minds Cyber Security Services

Upload: happiest-minds-technologies

Post on 12-Jul-2015


TRANSCRIPT

Page 1: Cyber Security Needs and Challenges

Happiest Minds

Cyber Security Services

Page 2: Cyber Security Needs and Challenges

Cyber Security Need and Challenges

Page 3: Cyber Security Needs and Challenges

88 percent of Fortune 500 companies have employees infected with Zeus

- RSA Research

Signature Based Technologies alone are not sufficient

Attacks are getting more focused and Advanced

Too many Point solutions working in Silos

Human factors can never be taken out of equation

Limited Intelligence sharing and intelligence utilization

Lack of real situation awareness, False Sense of Security

Constantly emerging new technologies <-> threat vectors

Botnets APTs

IDS/IPS AV Proxies SIEM

Awareness Social Eng.. Malicious Intent

Network Host Identity Data

Cloud Mobility

Zero Day Vuln. Attackers Patterns

Misconfiguration Metrics & KPI

Social

So does RSA, Sony, TJMax….

Policies, Regulations (Acceptable Use, Risk mgmt)

Identity Management (Access, Role, Pwd)

Data Security (Encryption, DLP)

Applications/Databases (Security testing, WAF)

End Point Controls (Anti-Virus, FIM)

Network Security (F/W, IDS/IPS, Proxy)

Physical Controls (Access, Cameras, locks)

Existing Security Controls and Evolving Threats


Page 4: Cyber Security Needs and Challenges

Today’s Enterprise Security Landscape: Threats & Multiple Point Solutions

Process

Vendor Security Assessment

Security Policy Management

Control Automation

Risk Management

Training & Communication

Compliance Adherence

Mobile business

People

Privileged User Password Management

Roles & Entitlements

User Access Management / Monitoring

Access Reviews & Attestations

Federation & SSO

Identity Theft

Threat – Insiders & Outsiders

Data

Data Loss Prevention

Information Exchange (IRM)

Content Security

End Point Protection

Data Protection Directives

Data Loss - Social Networking

Sensitive Data Vaulting

Infrastructure

Host Intrusion Detection and Prevention

Network & Perimeter Security

Data Loss Prevention

Intrusions (viruses, worms)

Production / Non production Data Masking

Security Monitoring

Cyber threats / warfare / APT’s

Cyber Analytics

Applications

Secure Design Review

Security Source Code Consulting

Pre Dev Security Assessment

Threat & Vulnerability Management

Malware Re engineering

Application Vulnerability Testing

Security Assurance

Secure SDLC Training

Platforms / Systems

Security Patch Management

Antivirus/Anti-Malware Management

Endpoint Security

Data Loss Prevention

Encryption

Professional cybercrime

Malware Engineering

EUC, Mobility & Cloud

Communication

Interception

Network Security

Antivirus/Anti-Malware Management

MDM / device Loss and Theft

Application Security Assurance

SIP Vulnerabilities protection

Penetration & Vulnerability Testing

IP phone & PBX protection

Page 5: Cyber Security Needs and Challenges

Need for Cyber Security - Integrated and Pervasive Security

CHARACTERISTICS

• Risk driven: To ensure continuous awareness and mitigation of existing and emerging threats, risks

• Holistic: To cover all the layers including infrastructure, applications, data and users and architectures

• Adaptable: To address new business models and enable emerging technology adoption

• Efficient: To support business dynamics and maximize return on investment

TECHNOLOGY ENABLERS

• IAM – Provisioning, federation, access governance, Access Mgmt, eSSO, MFA

• Data – Encryption, DLP, IRM, Obfuscation, tokenization, File protection

• Application – Code/design review, penetration testing

• Network – APT, Anomalies, Application level awareness, complete visibility

• GRC – Risk Assessment, Metrics & Reporting, Compliance automation

• End Points – Heuristics, Anomalies, Application controls

Network

Servers/Endpoint

Applications

Data

Users

Governance, Risk, Compliance

Off Premise

Any Device

Any Time

Any Where

On Premise

CIA

Page 6: Cyber Security Needs and Challenges

Happiest Minds Security service offerings: Consulting, Implementation and Management

Page 7: Cyber Security Needs and Challenges

Cyber and Infrastructure Security: Solution and Service Portfolio

Assessment Services

Transformation Services

Managed Services

Host and End Point Security

Advanced Malware Protection

Datacenter and Perimeter Security

Security Monitoring Services (SIEM and SOC)

Security Device Management Services

Proactive Network Risk Assessment

Network Threat Modeling

Cloud and Virtualization Security

Vulnerability Management

Firewall Auditing

Configuration Management

Network APT Protection

Network Access Control

File Integrity Monitoring

Application Control

Next Gen F/W, IDS/IPS

VDI Security

Virtual Server Protection

Cloud Security Monitoring

SIEM Health Check

SOC Assessment

SIEM/SOC Setup

Next Gen SOC Setup

SOC Management/Monitoring

Cyber Vigil platform

24/7 Security Management and Operations

Network Forensics Services

Malware Defense Strategy

Device Management

Mobility Security Strategy


Page 8: Cyber Security Needs and Challenges

Monitoring

• Monitor the Health and Availability of Security Devices

• Notifications and incident creation based on SOP

Manage

• Technology Management and basic provisioning

• Deployment enhancements

SOP based Services

• Standard Operating Procedure driven incident management and troubleshooting

• Operational Reporting

Level 1

Maintain

• Remediation Support

• Performance and Capacity analysis

• Minor Upgrades

Troubleshoot

• Escalated incidents from Level 1

• Investigate repeat incidents

• Participate in Root Cause Analysis

Configure

• Policy Changes

• Configuration Audit

• Coordination for change management

Level 2

Manage

• Investigation and advanced troubleshooting

• Upgrades and RCAs

• Vendor / OEM coordination

Service Improvement

• Review the Trends and problems

• Build service improvement plans and enhance KPIs

• Service Reporting

Change

• Change Approval

• Technology review and Enhancements

• Automation

Level 3

Firewalls IDS/IPS AV/FIM/HIDS Proxy/Web Filtering Vulnerability Mgmt Risk Mgmt

Wireless Malware Protection Email Security Web applications Database Activity Monitoring LM/SIEM

Managed Security - Service Delivery

Page 9: Cyber Security Needs and Challenges

Our Approach - Next Gen Security: Defending against advanced Threats

Reactive Response -> Proactive Defense

• Threat and Risk Assessment

• Know your critical Assets

• Know your high risk Users

• Threat intelligence gathering

Historical Analysis -> Real time and Predictive

• Early Detection and response

• Attack Modeling and simulations

Signature based -> Behavior Based

• Baseline and deviation tracking

• Whitelist and track exceptions

• Advanced Analytics and Heuristics

• Anomaly detection technologies

Infrastructure context -> Business Context

• Address business needs

• Business Apps context

Alert Analysis -> Alert + Data Analytics

• Hidden intelligence from Noise

• Advanced Reporting and visualization

“Targeted attacks are penetrating standard levels of security controls, and causing significant business damage to enterprises that do not evolve their security controls,” - Gartner.

Page 10: Cyber Security Needs and Challenges

Thank You