Aujas January 2017

Copyright © Aujas Information Risk Services

Aujas OverviewJanuary 2017


Aujas Overview

2

Managing information security risks by protecting data, software, peopleand identities. Strengthening security governance and intelligence frameworks.

400+ Customers served across North

Americas, Middle East and APAC

380+ Professionals globally with more than

290 specialists

Offices across the globe – US, UAE and India


Aujas Portfolio

3

Platform

Services

Risk Advisory

Identity & Access Management

Threat Management

Security Intelligence & Operations

Digital Security

Services Co-managed Security

Vulnerability Intelligence

Vendor Risk Management

Data Protection

Platform as a service (PaaS)

Security Analytics & Visualization Platform

SAVP


4

We support our customers through the entire delivery lifecycle

Innovation as the DNA

Lifecycle Services Approach

We have developed custom solutions to accelerate work and help our customers

realize value much faster

With resources across the world, we provide round-the-clock service

We employ project management best practices to ensure projects are completed

on time – ensuring client satisfaction

Accelerators for Our Customers Strong Project Management

Global Delivery Model

We are continuously innovating to create value

with our platforms & products

Content Lock

Aujas Strengths


Risk Advisory

5

We help design, deploy and manage security programs, including: integrated IT GRC frameworks, automation of GRC frameworks using RSA Archer, managing vendor risks, protecting data, achieve and maintain compliance with legal,

regulatory requirements such as PCI DSS, ISO27001, ISO22301, NIST 800-53, SOX, HIPAA, etc.

Strategy & Planning Solution Implementation Enhancements & Sustenance

GRC Framework & Strategy

Archer Consulting

Advanced Data Protection Framework Design

Enterprise Security Strategy Review

Third Party Vendor Risk Management

Security Program Implementation

Archer Integration

Data Protection Technology Integration

Data leakage Risk Assessment(Foresight, Symantec, Guardium,Seclore)

Virtual Security Office

Archer Sustenance & Enhancements

Data Protection Technology Sustenance & Enhancements

350+Customer Locations

certified for ISO27001, PCI DSS & ISO22301

Third Party Vendor Risk Assessments

conducted annually

RSA Archer Implementations

completed

450+ 20+ Aujas Differentiators

RSA Archer Center of Excellence

Thought Leadership in Risk Management Automation and Data Protection

Partnerships with RSA, IBM, Forcepoint and others

Copyright © Aujas Information Risk Services 6

Holistic Data Protection Program for One of the World’s Largest Banks

BUSINESS NEED

A comprehensive and holistic data protection program. Visibility into data flow across organization boundaries. Specific new initiatives to undertake to make the program

effective.

AUJAS SOLUTION

Assessed the current maturity model. Defined a data protection program. Developed a 3-year detailed roadmap. Created a governance framework. Developed a data classification policy with guidelines. Conducted data flow analysis & leakage risk assessment. Defined a data security architecture.

Maturity model assessment, Governance

framework with a 3-year roadmap.

Data protection program, data classification policy with guidelines.

Data security architecture, data

flow analysis & leakage risk assessment.


Comprehensive Security Incident Management Framework for a Large Oil & Gas Company

7

BUSINESS NEED

Comprehensive information security incident management framework. Enable a cross-functional information security incident response team. Facilitate consistent incident handling. Guidance and operational

templates. Enhance existing technology capabilities.

AUJAS SOLUTION

Performed an assessment of the existing IS-IM program. Created program structure to address people, process & technology. Developed a process for incident handling with manuals and interaction

model. Created a threat and control matrix taking into account the business and

operational environment. Monitored parameters for key information systems and SIEM correlation

rules. Detailed technical response strategies for key threats.

Assessment of existing IS-IM capabilities.

Program to address people, process &

technology.

A threat and control matrix taking into

account the business and operational

environment.

Enhance existing technology capabilities.

Response strategies for key threats.


Identity & Access Management

8

We help mitigate access risk, enhance user convenience, reduce cost and automate application integration within the enterprise and the cloud realms.


IAM Governance Framework

IAM Readiness and Roadmap

IAM Technology and Product Selection

IAM Architecture Design

Access Governance Services

Ubiquitous Identity

Digital Identity Management

Access Management and SSO

Privileged Identity (RSA, IBM, CA, MS)

Audits and Benchmarking

Incident Resolution

Enhancements and Optimizations

IAM Operations And Evolution

User identities and accesses successfully

integrated

Custom enhancements developed to integrate

applications

1M+ 600+Aujas Differentiators

Center of Excellence for IAM solutions

Thought Leadership in Access Governance

Partnerships with RSA, IBM, ObserveIT and others


Mitigating Access Risk & Increasing Operational Efficiency for a Leading BPO

BUSINESS NEED

• An integrated and automated solution for managing the lifecycle of digital identifies and access across systems.

• Mitigate access risk, meet various regulatory compliance demands, and ensure clean audits.

• Increase operational efficiency and reduce administrative costs.

AUJAS SOLUTION

• Achieved turn-around-time of 1 hour against 40 hours for access provisioning & de-provisioning.

• Automated access management for 30,000+ users and more than 5,000 project groups for 25+ applications.

• Reduced the help desk calls by 80%.

Turn-around-time of 1 hour against 40 hours earlier for

access provisioning & de-provisioning.

Automated access for 30,000+ users,

5,000+ project groups, 25+ applications.

Reduced Help Desk calls by

80%.


Unified Single Sign-On for a Global Conglomerate with 62+ Group Companies

10

BUSINESS NEED

• Secure access control for the heterogeneous IT environment.

• ID Federation to cloud centric applications.

• Enable user access and SSO to Web Applications from multiple platforms.

• Easy user on boarding and administration.

AUJAS SOLUTION

• Developed a modular approach to design the solution consisting of: a. federation for cloud applications, and b. reverse proxy based multi protocol SSO for internal on premise applications.

• Created a common portal for unified SSO to integrate the two solution components together into a unified interface.

• Secured Cloud and On-Premise Business Applications with 8,000+ users.

ID Federation to cloud centric applications.

Reverse proxy based multi protocol SSO

for internal on-premise

applications.

A common portal for

unified SSO.


Threat Management Services

11

We help design, develop and manage Threat Management programs, including: managing threats through our Vulnerability Management Lifecycle Framework, advising on open source security risks using Open Source Compliance

Platform, evaluating people behavior risk using Phishnix.


VMS Framework & Strategy

Application Security Advisory

Cloud Security Strategy

Enterprise Mobility Strategy

Advanced Security Testing Services

Technology Implementations

Software Composition Analysis (Open Source Compliance)

VMS Program Management

Cloud Security Sustenance

Application Security Program Management

25M+

Lines of Code reviewed

Applications secured Bug Bounty Programs participated

5000+ 50+Aujas Differentiators

Global program management experience in VMS, App security

Thought Leadership in App security

Innovative App security methodology based on threat/risk modeling

Partnership with Palamida


Mitigating Information Security Risk for a Top Regional Bank

12

BUSINESS NEED

• Integrated ISMS framework and current information security posture.

• Local regulatory and PCI requirements, with ISO 27001 as baseline.

• Identify control weaknesses and vulnerabilities in the computing environment, across the large and complex infrastructure.

AUJAS SOLUTION

• Developed a top-down approach for technology and risk assessments.

• Performed network architecture reviews, application penetration testing, vulnerability assessment, and configuration reviews.

• Evaluated the preparedness of employees against social engineering attacks.

• Covered all aspects of information security, i.e. People, Process & Technology.

Top-down approach for

technology & risk assessments.

65+ applications

& 1000+ assets

secured.

Compliance achieved for PCI-DSS, ISO 27001 & local

regulatory requirements.


On-Demand Security Assessment for a Leading General Insurance Company

BUSINESS NEED

• A scalable and reliable solution to secure applications and infrastructure, but compatible with agile methodology.

• Threat model analysis and security assessments to be done as part of each application’s development lifecycle and before going live.

• Regular assurance that the applications are secure from various threats and vulnerabilities.

AUJAS SOLUTION

• Provided an On-demand testing service or assessing applications and underlying infrastructure.

• Designed a scalable and flexible model to meet the business requirements and objectives.

• Provided Support and guidance for remediating the discovered vulnerabilities.

• Put in place a standardized documented approach for mitigating commonly found vulnerabilities and shared with the development team.

Scalable. Flexible. Pay-as-you-Go,

Plan-as-you-Need security assessment

model.

Secured 50+applications.

Trusted partner in managing end-to-end program for

Application Security.


Security Intelligence & Operations

14

We help design and deploy security intelligence solutions in addition to helping clients in optimizing and enhancing existing deployments.


SOC Strategy and Planning

SOC Framework and Consulting

SOC Architecture Design

SIEM Implementation and Integration (IBM QRadar, RSA SA)

SIEM optimization, Advance Correlation Rules and Use Cases Configuration

Analytics and Reporting

Custom Parser Development

Co-Managed SOC Services

SOC Skill Augmentation

SOC Maturity Assessment and Audits

Events analyzed managing very large SIEM/SA

installations

Custom Parsers to integrate niche log

sources

1Billion+ 350+Use cases for security monitoring scenarios.

700+ Aujas Differentiators

Thought Leadership in Security Analytics, Intelligence, SIEM Optimization, etc.

Partnerships with RSA, IBM, and others


Detect and Prevent Fraud for World’s No.3 Telecom Company

BUSINESS NEED

• Overcome challenges with manual event correlation to detect and prevent fraud.

• Correlate and Analyze billion events per day across network elements to detect unknown attack patterns. Detect network intrusion attempts and anomalies.

• Comply with telecom regulatory authority requirements globally.• Network asset inventory and correlation with vulnerability scan data.• Monitor connection attempts from international locations.

AUJAS SOLUTION

• Designed a distributed solution to scale to over 1 billion events per day while integrating with both core telecom and perimeter network security devices using IBM QRadar SIEM product.

• Closely worked with network equipment manufacturers to quickly build over 100 parsers. The project was executed using a hybrid delivery model.

• Incorporated 200 types of perimeter log sources. 75 advanced correlation rules. 120 alerts. 150 core network device types with proprietary log format. 1,728,000,000 events per day!

200 types of perimeter log sources. 75 advanced correlation rules. 120

alerts. 150 core network device types with

proprietary log format.

Correlate and Analyze 1Billion+ events per day

across network elements to detect unknown attack

patterns.

Closely worked with network equipment

manufacturers to quickly build over

100 parsers.


Digital Security

16

We help provide solutions to manage identities of people, business and things. We can also help with development of software controls & secure API’s, in addition to helping with security testing, validation & vulnerability remediation.


Digital Security Strategy and Planning

Security Architecture Design

IoT Platform Consulting

API Management Platform Consulting

IoT on Cloud Strategy

Software & API Control Implementation

Mobile & Internet of Things Controls

IoT on Cloud Controls

Identity Management of Businesses, People and Things

Security Validation & Remediation

Compliance assurance

Managed Digital Security Services

Mobile Banking Users secured

40M+

Connected Devices secured for payment

450K

Merchants & Aggregators secure integrated

2500+

Aujas Differentiators

Thought Leadership in IoT Security, API Management Platforms


Mobile Banking Made Safe for a Large Private National Bank

BUSINESS NEED

• Roll out mobile banking apps, but with security as top priority.• Most developers understood web security, but mobile security was

a challenge.• Develop secure application development processes.• Engage all key stakeholders, including 3rd party vendors, developers

and everyone in the area of mobile banking and other services.

AUJAS SOLUTION

• Integrated approach keeping all aspects of security - people, data and technology.

• Secured data while in transit and at rest on devices or servers.• Protected application code assets.• Developed security measures so that Bank was not relying on end

user’s device for security.• Established an application security practice that is was independent

of the security features in one device.

Integrated approach -people, data and

technology. Secured data both in transit and

at rest. Protected application code.

Ensured zero reliance on end user’s device

for security and independent of

security features on any specific device.

Engaged all relevant stakeholders related

to mobile banking and other services.


Award Winning Mobile Security for Global Leader in Payment Solutions

BUSINESS NEED

• Though security is integral for any payment solution, it is a challenge to implement it on a mobile device given limited capacity and variation in specs across makes/platforms.

• Security of other supporting web applications and web-services.• Secure code review of everything - different mobile apps,

communication channels, server components, and supporting applications.

AUJAS SOLUTION

• Performed security assessments and reviews at different phases in SDLC in order to reduce minimize impact at the later stages.

• Performed design and secure code reviews for the entire application suite.

• Built centralized security features for all surfaces (Mobile App, API, Web-Service, Web App) connecting to external entities.

• Improved client’s existing PKI.

Assessments/ reviews at different phases in

SDLC in order to minimize security

impact at later stages.

Design and secure code reviews for the

entire application suite. Improved

client’s existing PKI.

Centralized security features for all

surfaces connecting to external entities.


Sustainable Security for one of the largest National Identity Programs

19

Aujas secures 1,000,000,000 (billion) identities… Capability Demonstration of Our Comprehensive Services

800 MillionCitizen enrollments

in first 4 years

100 TrillionMatches run

to identify duplicates

10 PB Of citizen data

stored in RDBMS & Hadoop – HDFS

100 MillionCitizen

authentication processed daily

Fraud Management Fraud modeling, detection and forensics

Dedicated CISO OfficeCISO supported by a teamof ISO, policies, risks, standards, vendor management and GRC automation

Security Analytics Advanced threat detection,

security intelligence

Comprehensive multi-disciplinary security solutions provider

Governance

Reactive Proactive

Risk & Compliance Internal Audits, 3rd party assessments, risk & compliance management

Security Incident Response Security incident detection, response and

management

Identity & Access Management of employee, contractor & privilege identities and role based access

Data Protection Data privacy, rights, encryption,

classification, masking, tokenization

Threat Management VA/PT, code review and vulnerability management

Security Operations Security exception requests,

change management

Secure ApplicationDefense grade storage & transport encryption, biometric API & Secure SDLC

Virtualization Security Instance security, privilege ID

administration, production release


20

SAVP(Security Analytics &

Visualization Platform)


Why Security Analytics? Need for better ROSI

21

Despite the increase in security incidents and financial losses, security budgets are constrained in most organizations. Getting better ROSI (return on security investment) continues to be very important. Hence, having a “state of security view” to understand current risk levels, its impact on business and using information (analytics)

to make security decisions is CRITICAL.

SOURCE: The global state of information security survey 2015 – PWC. Survey covers 9700 CIO’s, CISO’s, across 154 countries

As incidents rise, security spending falls


Why Security Analytics? Visibility is key

22

SOURCE: Analytics and Intelligence Survey Oct. 2014 - survey of 350 participants, 20% of them from large orgs (>50K employees)


Security Analytics & SAVP

23

Collect Analyze Report

Data Information Insights

Define the normal RelevantComprehensive

Platform Module Customized deployment

• Customer assurance• Vulnerability intelligence• Security operations• Data protection• Vendor risk management • Product security


Custom Built

UEBA

SIEM

Log Management

24

Platform for Advanced Security Analytics -Customized for Your Specific Use-cases

Clo

sen

ess

to

ad

dre

ssin

g

org

aniz

atio

n’s

se

curi

ty

chal

len

ges

(user anomalies. data-intensive)

(near real-time correlations)

(collect log data)

(org-specific. diverse data. high volume)


Security Analytics Capability - Options

25

•Solves at least some problems immediately

•Solves select problems automaticallyBuy

•Development capability to solve future problems

•Focus resources on organization-specific problems

Build

•Development of customized capability

•Leverages vendor/partner expertisePartner

Modules for Use-Cases

Customizable Platform

Expert Services

Platform as a Service

Benefits


26

Administrators

Executives IT

Clients Security

Presentation/Widgets

Workflow

Transformation

Parser

Secu

rity

Inte

grit

y V

erif

icat

ion

Ver

ific

atio

n

SIEM AV FW/IPS VMS

….

Control Frame Work

CMDB

CSV, XML, XLS, PDF, ODBC, SyslogVendor Controls

Customizable Analytics and Visualizations beyond SIEM/Analytics, helping security leaders see through the reporting fog and focus on what is critical.

Modules & widget examples

Customer Assurance

▪ Service level trends▪ Top 10 client status▪ Regional compliance stats

▪ Major NC status

Vulnerability Management

▪ Business / region stats▪ Top 10 vulnerable assets▪ EOL / vulnerability ratios

▪ Remediation performance

Product Security

▪ Vuln to patch TOT

▪ Product sec trends

▪ Vuln source analytics

▪ External threat impacts

Data Protection

▪ Data exposure trends▪ Business / regional stats▪ Client SLA impacts

▪ Consequence mgmt trends

Compliance

▪ Evidence mgmt▪ Audit support tools▪ Compliance trends

▪ TPA analytics

Security Operations

▪ User analytics▪ Alerting across controls▪ Contextual sev reporting

▪ Attack pattern alerts

▪ Service level reporting

Architecture and Modules


Deployed Use Cases

27

Product

Security

Financial software / cloud service provider Provides virtualized contextual visualizations for external and internal stakeholders. Analytics based on expected “normal behavior” which is defined per client. Visualizations customized as per viewing roles and themes.

Client

Assurance

Major Asian BankUses SAVP for audit support, performance analytics and evidence management for its vendor risk program covering 250+ vendors.

Fortune 20 Tech CompanyAnalytics, reporting and workflow management for the company’s products. Provides contextual security information to its product engineering teams and external stakeholders.

Major Telecom Company - MESAVP enables analytics and advance reporting for the companies data protection program. Platform customized to support data flow assessments.

Fortune 5 EnterpriseSAVP supports its global vulnerability assessment & remediation program across regions and technologies. The program covers both IT and production assets.

SAVP for IBM QRadarEnhances customer experience of IBM QRadar SIEM by enabling clients to add business context and customizable reporting capability.

Vulnerability

Remediation

Product

Enhancement

Third Party

Assurance

Data

Protection


Karl KispertVice President

[email protected]

www.aujas.comwww.savpbyaujas.com

Aujas January 2017

Documents

Transcript of Aujas January 2017