Our Services

Secureinfocom Technologies provides a range of information security services to strengthen your defences and reduce costs.

We follow the TOGAF methods to undertake and execute a business problem and how it could be resolved using the IT tools.

Starting from information gathering and documenting requirements to developing the architecture and costing the solution we provide complete pre sales services

We provide budgetary guidance and final costing for a solution. We provide implementation and configuration services along with BAU and run if required by the customer.

We act as technology leaders with emerging trends in technology space specifically within information security.

We follow the industry principles, codes and standards to deliver the solutions to customer expectations

Critical Infrastructure Protection

Our team of experts follow a step by step procedure to do a thorough security assessment of your mission critical SCADA systems to find out how vulnerable they are against external attacks done by malicious users and how much they are compliant against the security standards such as ICS-CERT, DoE (Department of Energy), DHS (Department of Homeland Security), NIST SP 800-82 Rev 1, NIST SP 800-53 Rev 4, TR99.00.02 and ENISA guidelines for ICS systems, National ICS Security Standard, Qatar etc

Vulnerability Risk Analysis

Our risk assessments generally include the following elements

  • Identifying threats that could harm and, thus, adversely affect critical operations and assets
  • Estimating the likelihood that such threats will materialize based on historical information and judgment of knowledgeable individuals
  • Identifying and ranking the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize in order to determine which operations and assets are the most important
  • Estimating for the most critical and sensitive assets and operations, the potential losses or damage that could occur if a threat materializes, including recovery costs
  • Identifying cost-effective actions to mitigate or reduce the risk. These actions can include implementing new organizational policies and procedures as well as technical or physical controls

Penetration Testing

Penetration Testing constitutes that part of a security assessment exercise which attempts to simulate the techniques adopted by an attacker in compromising the target systems. Our penetration testing methodology is well aligned with established standards and practices, combined with our extensive experience

We conduct the below penetration testing:

  • Network including Wireless
  • Application including Web and Database
  • Special testing for SCAD and ICS including protocol review (DNP3 etc)

Project Planning & Execution

We follow TOGAF methods to deliver end to end solution

We develop pre-sales solutions design, provide budgetary guidance, solution costing, component model (logical and physical), detailed design using reusable patterns for standardised work products.

We also provide implementation and configuration services including BAU if desired.

Security Solutions Design

We provide solutions for the below:

– Database Activity Monitor                   –  Privilege Identity Management

–  Source Code Scanning                        –  Web, Email and Data Security

–  Information Rights Management     –  Web Application Security

–  SSL VPN & Universal Access Controller  –  Network Access Control, SIEM

–  Unified Threat Management       –  NetScaler and WanScaler

–  Data Leakage Prevention            –  Identity and Access Management

–  2 Factor Authentication             –  Web Application Firewalls

–  Wireless Security                        –  Local and Global site load balancing

–  Phishing Brand Protection; Monitoring and Site Take Down

–  Endpoint Security, Backup & Recovery, Storage & Server Management, IT Compliance

–  Endpoint Security, Email Web Security, Network Security, Risk and Compliance

Governance & Compliance

The risk from information systems can be managed by adopting globally accepted controls framework such as PCI DSS, NIST, CoBIT etc. Implementing any of these frameworks requires a systematic approach to analyzing the key risk areas, identifying and documenting the controls and then monitoring and measuring the compliance. Information Risk Management (IRM) can be extended to designing a Business Continuity Strategy and developing and testing business continuity plans. We offer the services as part of the Information Risk Management service suite.

Cloud Service Setup

We offer the below cloud services

  • Manage existing cloud environment including provisioning
  • Analyse existing workloads and consult on cloud migration for applications
  • Architect and deliver a private cloud based on VMware vCentre / Hyper V or OpenStack
  • Cloud Security

Training

Users are the weakest links when it comes to information security. We provide user training tailored to a particular industry. This includes lectures and demos regarding both technical aspects as well as social engineering. We also develop course material and video lectures for employees.

Internet of Things

The emerging technologies provide various security challenges when it comes to IOT. We consult on these aspects specially with regards to the IOT devices. This includes video cameras,   connected cars, home automation devices etc.

Solutions and Technology Showcase…

Architecture and Technology Vendors

Network Firewalls

We develop the firewall architecture for vendors Checkpoint and Juniper. For checkpoint technologies we develop solution on for large enterprise network based on appliances securing the private hosted cloud including MDM/MLM/CLM design.

We develop solutions for IPSEC /SSL VPN’s and firewall using the Juniper appliances

Web application firewall

Stops the SANS top 20 attacks

Web application attacks deny services and steal sensitive data. Imperva Web Application Firewall (WAF) analyzes and inspects requests coming in to applications and stops these attacks. We architect solutions around Imperva and F5 WAF. We provide architecture, implementation / configuration and BAU for the solution