Aujas January 2017
-
Upload
karl-kispert -
Category
Documents
-
view
21 -
download
1
Transcript of Aujas January 2017
Copyright © Aujas Information Risk Services
Aujas OverviewJanuary 2017
Copyright © Aujas Information Risk Services
Aujas Overview
2
Managing information security risks by protecting data, software, peopleand identities. Strengthening security governance and intelligence frameworks.
400+ Customers served across North
Americas, Middle East and APAC
380+ Professionals globally with more than
290 specialists
Offices across the globe – US, UAE and India
Copyright © Aujas Information Risk Services
Aujas Portfolio
3
Platform
Services
Risk Advisory
Identity & Access Management
Threat Management
Security Intelligence & Operations
Digital Security
Services Co-managed Security
Vulnerability Intelligence
Vendor Risk Management
Data Protection
Platform as a service (PaaS)
Security Analytics & Visualization Platform
SAVP
Copyright © Aujas Information Risk Services
4
We support our customers through the entire delivery lifecycle
Innovation as the DNA
Lifecycle Services Approach
We have developed custom solutions to accelerate work and help our customers
realize value much faster
With resources across the world, we provide round-the-clock service
We employ project management best practices to ensure projects are completed
on time – ensuring client satisfaction
Accelerators for Our Customers Strong Project Management
Global Delivery Model
We are continuously innovating to create value
with our platforms & products
Content Lock
Aujas Strengths
Copyright © Aujas Information Risk Services
Risk Advisory
5
We help design, deploy and manage security programs, including: integrated IT GRC frameworks, automation of GRC frameworks using RSA Archer, managing vendor risks, protecting data, achieve and maintain compliance with legal,
regulatory requirements such as PCI DSS, ISO27001, ISO22301, NIST 800-53, SOX, HIPAA, etc.
Strategy & Planning Solution Implementation Enhancements & Sustenance
GRC Framework & Strategy
Archer Consulting
Advanced Data Protection Framework Design
Enterprise Security Strategy Review
Third Party Vendor Risk Management
Security Program Implementation
Archer Integration
Data Protection Technology Integration
Data leakage Risk Assessment(Foresight, Symantec, Guardium,Seclore)
Virtual Security Office
Archer Sustenance & Enhancements
Data Protection Technology Sustenance & Enhancements
350+Customer Locations
certified for ISO27001, PCI DSS & ISO22301
Third Party Vendor Risk Assessments
conducted annually
RSA Archer Implementations
completed
450+ 20+ Aujas Differentiators
RSA Archer Center of Excellence
Thought Leadership in Risk Management Automation and Data Protection
Partnerships with RSA, IBM, Forcepoint and others
Copyright © Aujas Information Risk Services 6
Holistic Data Protection Program for One of the World’s Largest Banks
BUSINESS NEED
A comprehensive and holistic data protection program. Visibility into data flow across organization boundaries. Specific new initiatives to undertake to make the program
effective.
AUJAS SOLUTION
Assessed the current maturity model. Defined a data protection program. Developed a 3-year detailed roadmap. Created a governance framework. Developed a data classification policy with guidelines. Conducted data flow analysis & leakage risk assessment. Defined a data security architecture.
Maturity model assessment, Governance
framework with a 3-year roadmap.
Data protection program, data classification policy with guidelines.
Data security architecture, data
flow analysis & leakage risk assessment.
Copyright © Aujas Information Risk Services 7
Comprehensive Security Incident Management Framework for a Large Oil & Gas Company
7
BUSINESS NEED
Comprehensive information security incident management framework. Enable a cross-functional information security incident response team. Facilitate consistent incident handling. Guidance and operational
templates. Enhance existing technology capabilities.
AUJAS SOLUTION
Performed an assessment of the existing IS-IM program. Created program structure to address people, process & technology. Developed a process for incident handling with manuals and interaction
model. Created a threat and control matrix taking into account the business and
operational environment. Monitored parameters for key information systems and SIEM correlation
rules. Detailed technical response strategies for key threats.
Assessment of existing IS-IM capabilities.
Program to address people, process &
technology.
A threat and control matrix taking into
account the business and operational
environment.
Enhance existing technology capabilities.
Response strategies for key threats.
Copyright © Aujas Information Risk Services
Identity & Access Management
8
We help mitigate access risk, enhance user convenience, reduce cost and automate application integration within the enterprise and the cloud realms.
Strategy & Planning Solution Implementation Enhancements & Sustenance
IAM Governance Framework
IAM Readiness and Roadmap
IAM Technology and Product Selection
IAM Architecture Design
Access Governance Services
Ubiquitous Identity
Digital Identity Management
Access Management and SSO
Privileged Identity (RSA, IBM, CA, MS)
Audits and Benchmarking
Incident Resolution
Enhancements and Optimizations
IAM Operations And Evolution
User identities and accesses successfully
integrated
Custom enhancements developed to integrate
applications
1M+ 600+Aujas Differentiators
Center of Excellence for IAM solutions
Thought Leadership in Access Governance
Partnerships with RSA, IBM, ObserveIT and others
Copyright © Aujas Information Risk Services 9
Mitigating Access Risk & Increasing Operational Efficiency for a Leading BPO
BUSINESS NEED
• An integrated and automated solution for managing the lifecycle of digital identifies and access across systems.
• Mitigate access risk, meet various regulatory compliance demands, and ensure clean audits.
• Increase operational efficiency and reduce administrative costs.
AUJAS SOLUTION
• Achieved turn-around-time of 1 hour against 40 hours for access provisioning & de-provisioning.
• Automated access management for 30,000+ users and more than 5,000 project groups for 25+ applications.
• Reduced the help desk calls by 80%.
Turn-around-time of 1 hour against 40 hours earlier for
access provisioning & de-provisioning.
Automated access for 30,000+ users,
5,000+ project groups, 25+ applications.
Reduced Help Desk calls by
80%.
Copyright © Aujas Information Risk Services 10
Unified Single Sign-On for a Global Conglomerate with 62+ Group Companies
10
BUSINESS NEED
• Secure access control for the heterogeneous IT environment.
• ID Federation to cloud centric applications.
• Enable user access and SSO to Web Applications from multiple platforms.
• Easy user on boarding and administration.
AUJAS SOLUTION
• Developed a modular approach to design the solution consisting of: a. federation for cloud applications, and b. reverse proxy based multi protocol SSO for internal on premise applications.
• Created a common portal for unified SSO to integrate the two solution components together into a unified interface.
• Secured Cloud and On-Premise Business Applications with 8,000+ users.
ID Federation to cloud centric applications.
Reverse proxy based multi protocol SSO
for internal on-premise
applications.
A common portal for
unified SSO.
Copyright © Aujas Information Risk Services
Threat Management Services
11
We help design, develop and manage Threat Management programs, including: managing threats through our Vulnerability Management Lifecycle Framework, advising on open source security risks using Open Source Compliance
Platform, evaluating people behavior risk using Phishnix.
Strategy & Planning Solution Implementation Enhancements & Sustenance
VMS Framework & Strategy
Application Security Advisory
Cloud Security Strategy
Enterprise Mobility Strategy
Advanced Security Testing Services
Technology Implementations
Software Composition Analysis (Open Source Compliance)
VMS Program Management
Cloud Security Sustenance
Application Security Program Management
25M+
Lines of Code reviewed
Applications secured Bug Bounty Programs participated
5000+ 50+Aujas Differentiators
Global program management experience in VMS, App security
Thought Leadership in App security
Innovative App security methodology based on threat/risk modeling
Partnership with Palamida
Copyright © Aujas Information Risk Services 12
Mitigating Information Security Risk for a Top Regional Bank
12
BUSINESS NEED
• Integrated ISMS framework and current information security posture.
• Local regulatory and PCI requirements, with ISO 27001 as baseline.
• Identify control weaknesses and vulnerabilities in the computing environment, across the large and complex infrastructure.
AUJAS SOLUTION
• Developed a top-down approach for technology and risk assessments.
• Performed network architecture reviews, application penetration testing, vulnerability assessment, and configuration reviews.
• Evaluated the preparedness of employees against social engineering attacks.
• Covered all aspects of information security, i.e. People, Process & Technology.
Top-down approach for
technology & risk assessments.
65+ applications
& 1000+ assets
secured.
Compliance achieved for PCI-DSS, ISO 27001 & local
regulatory requirements.
Copyright © Aujas Information Risk Services 13
On-Demand Security Assessment for a Leading General Insurance Company
BUSINESS NEED
• A scalable and reliable solution to secure applications and infrastructure, but compatible with agile methodology.
• Threat model analysis and security assessments to be done as part of each application’s development lifecycle and before going live.
• Regular assurance that the applications are secure from various threats and vulnerabilities.
AUJAS SOLUTION
• Provided an On-demand testing service or assessing applications and underlying infrastructure.
• Designed a scalable and flexible model to meet the business requirements and objectives.
• Provided Support and guidance for remediating the discovered vulnerabilities.
• Put in place a standardized documented approach for mitigating commonly found vulnerabilities and shared with the development team.
Scalable. Flexible. Pay-as-you-Go,
Plan-as-you-Need security assessment
model.
Secured 50+applications.
Trusted partner in managing end-to-end program for
Application Security.
Copyright © Aujas Information Risk Services
Security Intelligence & Operations
14
We help design and deploy security intelligence solutions in addition to helping clients in optimizing and enhancing existing deployments.
Strategy & Planning Solution Implementation Enhancements & Sustenance
SOC Strategy and Planning
SOC Framework and Consulting
SOC Architecture Design
SIEM Implementation and Integration (IBM QRadar, RSA SA)
SIEM optimization, Advance Correlation Rules and Use Cases Configuration
Analytics and Reporting
Custom Parser Development
Co-Managed SOC Services
SOC Skill Augmentation
SOC Maturity Assessment and Audits
Events analyzed managing very large SIEM/SA
installations
Custom Parsers to integrate niche log
sources
1Billion+ 350+Use cases for security monitoring scenarios.
700+ Aujas Differentiators
Thought Leadership in Security Analytics, Intelligence, SIEM Optimization, etc.
Partnerships with RSA, IBM, and others
Copyright © Aujas Information Risk Services 15
Detect and Prevent Fraud for World’s No.3 Telecom Company
BUSINESS NEED
• Overcome challenges with manual event correlation to detect and prevent fraud.
• Correlate and Analyze billion events per day across network elements to detect unknown attack patterns. Detect network intrusion attempts and anomalies.
• Comply with telecom regulatory authority requirements globally.• Network asset inventory and correlation with vulnerability scan data.• Monitor connection attempts from international locations.
AUJAS SOLUTION
• Designed a distributed solution to scale to over 1 billion events per day while integrating with both core telecom and perimeter network security devices using IBM QRadar SIEM product.
• Closely worked with network equipment manufacturers to quickly build over 100 parsers. The project was executed using a hybrid delivery model.
• Incorporated 200 types of perimeter log sources. 75 advanced correlation rules. 120 alerts. 150 core network device types with proprietary log format. 1,728,000,000 events per day!
200 types of perimeter log sources. 75 advanced correlation rules. 120
alerts. 150 core network device types with
proprietary log format.
Correlate and Analyze 1Billion+ events per day
across network elements to detect unknown attack
patterns.
Closely worked with network equipment
manufacturers to quickly build over
100 parsers.
Copyright © Aujas Information Risk Services
Digital Security
16
We help provide solutions to manage identities of people, business and things. We can also help with development of software controls & secure API’s, in addition to helping with security testing, validation & vulnerability remediation.
Strategy & Planning Solution Implementation Enhancements & Sustenance
Digital Security Strategy and Planning
Security Architecture Design
IoT Platform Consulting
API Management Platform Consulting
IoT on Cloud Strategy
Software & API Control Implementation
Mobile & Internet of Things Controls
IoT on Cloud Controls
Identity Management of Businesses, People and Things
Security Validation & Remediation
Compliance assurance
Managed Digital Security Services
Mobile Banking Users secured
40M+
Connected Devices secured for payment
450K
Merchants & Aggregators secure integrated
2500+
Aujas Differentiators
Thought Leadership in IoT Security, API Management Platforms
Copyright © Aujas Information Risk Services 17
Mobile Banking Made Safe for a Large Private National Bank
BUSINESS NEED
• Roll out mobile banking apps, but with security as top priority.• Most developers understood web security, but mobile security was
a challenge.• Develop secure application development processes.• Engage all key stakeholders, including 3rd party vendors, developers
and everyone in the area of mobile banking and other services.
AUJAS SOLUTION
• Integrated approach keeping all aspects of security - people, data and technology.
• Secured data while in transit and at rest on devices or servers.• Protected application code assets.• Developed security measures so that Bank was not relying on end
user’s device for security.• Established an application security practice that is was independent
of the security features in one device.
Integrated approach -people, data and
technology. Secured data both in transit and
at rest. Protected application code.
Ensured zero reliance on end user’s device
for security and independent of
security features on any specific device.
Engaged all relevant stakeholders related
to mobile banking and other services.
Copyright © Aujas Information Risk Services 18
Award Winning Mobile Security for Global Leader in Payment Solutions
BUSINESS NEED
• Though security is integral for any payment solution, it is a challenge to implement it on a mobile device given limited capacity and variation in specs across makes/platforms.
• Security of other supporting web applications and web-services.• Secure code review of everything - different mobile apps,
communication channels, server components, and supporting applications.
AUJAS SOLUTION
• Performed security assessments and reviews at different phases in SDLC in order to reduce minimize impact at the later stages.
• Performed design and secure code reviews for the entire application suite.
• Built centralized security features for all surfaces (Mobile App, API, Web-Service, Web App) connecting to external entities.
• Improved client’s existing PKI.
Assessments/ reviews at different phases in
SDLC in order to minimize security
impact at later stages.
Design and secure code reviews for the
entire application suite. Improved
client’s existing PKI.
Centralized security features for all
surfaces connecting to external entities.
Copyright © Aujas Information Risk Services
Sustainable Security for one of the largest National Identity Programs
19
Aujas secures 1,000,000,000 (billion) identities… Capability Demonstration of Our Comprehensive Services
800 MillionCitizen enrollments
in first 4 years
100 TrillionMatches run
to identify duplicates
10 PB Of citizen data
stored in RDBMS & Hadoop – HDFS
100 MillionCitizen
authentication processed daily
Fraud Management Fraud modeling, detection and forensics
Dedicated CISO OfficeCISO supported by a teamof ISO, policies, risks, standards, vendor management and GRC automation
Security Analytics Advanced threat detection,
security intelligence
Comprehensive multi-disciplinary security solutions provider
Governance
Reactive Proactive
Risk & Compliance Internal Audits, 3rd party assessments, risk & compliance management
Security Incident Response Security incident detection, response and
management
Identity & Access Management of employee, contractor & privilege identities and role based access
Data Protection Data privacy, rights, encryption,
classification, masking, tokenization
Threat Management VA/PT, code review and vulnerability management
Security Operations Security exception requests,
change management
Secure ApplicationDefense grade storage & transport encryption, biometric API & Secure SDLC
Virtualization Security Instance security, privilege ID
administration, production release
Copyright © Aujas Information Risk Services
20
SAVP(Security Analytics &
Visualization Platform)
Copyright © Aujas Information Risk Services
Why Security Analytics? Need for better ROSI
21
Despite the increase in security incidents and financial losses, security budgets are constrained in most organizations. Getting better ROSI (return on security investment) continues to be very important. Hence, having a “state of security view” to understand current risk levels, its impact on business and using information (analytics)
to make security decisions is CRITICAL.
SOURCE: The global state of information security survey 2015 – PWC. Survey covers 9700 CIO’s, CISO’s, across 154 countries
As incidents rise, security spending falls
Copyright © Aujas Information Risk Services
Why Security Analytics? Visibility is key
22
SOURCE: Analytics and Intelligence Survey Oct. 2014 - survey of 350 participants, 20% of them from large orgs (>50K employees)
Copyright © Aujas Information Risk Services
Security Analytics & SAVP
23
Collect Analyze Report
Data Information Insights
Define the normal RelevantComprehensive
Platform Module Customized deployment
• Customer assurance• Vulnerability intelligence• Security operations• Data protection• Vendor risk management • Product security
Copyright © Aujas Information Risk Services
Custom Built
UEBA
SIEM
Log Management
24
Platform for Advanced Security Analytics -Customized for Your Specific Use-cases
Clo
sen
ess
to
ad
dre
ssin
g
org
aniz
atio
n’s
se
curi
ty
chal
len
ges
(user anomalies. data-intensive)
(near real-time correlations)
(collect log data)
(org-specific. diverse data. high volume)
Copyright © Aujas Information Risk Services
Security Analytics Capability - Options
25
•Solves at least some problems immediately
•Solves select problems automaticallyBuy
•Development capability to solve future problems
•Focus resources on organization-specific problems
Build
•Development of customized capability
•Leverages vendor/partner expertisePartner
Modules for Use-Cases
Customizable Platform
Expert Services
Platform as a Service
Benefits
Copyright © Aujas Information Risk Services
26
Administrators
Executives IT
Clients Security
Presentation/Widgets
Workflow
Transformation
Parser
Secu
rity
Inte
grit
y V
erif
icat
ion
Ver
ific
atio
n
SIEM AV FW/IPS VMS
….
Control Frame Work
CMDB
CSV, XML, XLS, PDF, ODBC, SyslogVendor Controls
Customizable Analytics and Visualizations beyond SIEM/Analytics, helping security leaders see through the reporting fog and focus on what is critical.
Modules & widget examples
Customer Assurance
▪ Service level trends▪ Top 10 client status▪ Regional compliance stats
▪ Major NC status
Vulnerability Management
▪ Business / region stats▪ Top 10 vulnerable assets▪ EOL / vulnerability ratios
▪ Remediation performance
Product Security
▪ Vuln to patch TOT
▪ Product sec trends
▪ Vuln source analytics
▪ External threat impacts
Data Protection
▪ Data exposure trends▪ Business / regional stats▪ Client SLA impacts
▪ Consequence mgmt trends
Compliance
▪ Evidence mgmt▪ Audit support tools▪ Compliance trends
▪ TPA analytics
Security Operations
▪ User analytics▪ Alerting across controls▪ Contextual sev reporting
▪ Attack pattern alerts
▪ Service level reporting
Architecture and Modules
Copyright © Aujas Information Risk Services
Deployed Use Cases
27
Product
Security
Financial software / cloud service provider Provides virtualized contextual visualizations for external and internal stakeholders. Analytics based on expected “normal behavior” which is defined per client. Visualizations customized as per viewing roles and themes.
Client
Assurance
Major Asian BankUses SAVP for audit support, performance analytics and evidence management for its vendor risk program covering 250+ vendors.
Fortune 20 Tech CompanyAnalytics, reporting and workflow management for the company’s products. Provides contextual security information to its product engineering teams and external stakeholders.
Major Telecom Company - MESAVP enables analytics and advance reporting for the companies data protection program. Platform customized to support data flow assessments.
Fortune 5 EnterpriseSAVP supports its global vulnerability assessment & remediation program across regions and technologies. The program covers both IT and production assets.
SAVP for IBM QRadarEnhances customer experience of IBM QRadar SIEM by enabling clients to add business context and customizable reporting capability.
Vulnerability
Remediation
Product
Enhancement
Third Party
Assurance
Data
Protection
Copyright © Aujas Information Risk Services
Karl KispertVice President
www.aujas.comwww.savpbyaujas.com