We offer best in class Security Products and Solution that compliment each other.
With an ever growing security concerns like increasing zero day attacks, DoS, DDoS, etc. enterprises often lack response and remediation process in place. There is a constant pressure to meet ever evolving regulatory requirements which maintaining high standards or performance and low cost of operations.
To address the above issues, I(TS)2 RAQEEB MSS provide our clients with real-time incident monitoring, advanced events context analysis, and better visibility through customized reports and portal dashboards.
I(TS)2 offers below services through our RAQEEB MSS:
Notification and Alerting:
Some salient feature of this service are:
Managed SOC Services:
Some salient feature of this service are:
Enhancements/Value Added Services:
Other than the traditional MSS SOC services I(TS)2 can provide below enhancements or value added services:
The gap and maturity assessment is a fast track analysis to establish an understanding on organizations’ information security capabilities. The purpose of this activity is to evaluate the current capabilities of organizations against relevant areas of best practices, so that gaps can be identified. This exercise is designed to give Senior management a better indication of where the organization stands in terms of the relevant standard, and what effort is required to be compliant.
Internal auditing is an independent, objective assurance and consulting activity designed to evaluate compliance, and improve an organization’s governance, risk management and management controls. This service involves onsite independent assessment and fact finding and a report which provides insight and recommendations based on analyses and assessments of data and business processes. I(TS)2 provides Internal Audit for following standards:
This service involves facilitatingour clients to establish, implement, manage, maintain following management systems:
We ensure that all the requirements for certification are well met and facilitate organization to achieve desired management system certification.
The objective of this service is to assess and evaluate an organization’s physical security controls, identify any shortcomings, and to provide recommendation via a report. Typically it comprises of review of physical Access Control;Vehicle Access Control;Security Guards Control; Environmental Controls;Life Safety Controls;Equipment Controls; and other Concerns.
This Service comprises of establishing a tailored risk methodology for to assess, evaluate, modify and mitigate the cyber security risk for an organization.During risk assessment critical organizational services are identified, and related information security threats and vulnerabilities are determined and eventually risk is evaluated. A mitigation plan is established to address the information security risks which are not acceptable. At the end of engagement a comprehensive report will be created to summarize all risks, their values, mitigation plans, risk owners and due dates.
I(TS)2 helps organizations help develop policies and procedures that sets out a framework of governance and accountability for information security management commitment across an organization.
Procedures describe how each policy will be put into action in the organization, and gives a detailed step-by-step how to fulfill a specific task or activity.
This services aims at addressing:
The objective of a vulnerability assessment service is to identify and assess all possibly present vulnerabilities in the IT network or infrastructure and report it to the customer. The end result is a report which produced prioritizing list of vulnerabilities& suggests remediation.
External penetration testingis an offensive security analysis of an IT infrastructure’s defensesagainst attacks from the Internet. External penetration testing involves mimicking the actions of an external hacker, with the purpose of simulating a cyber-attack or gaining access to confidential information through the Internet. This type of testing checks for vulnerabilities in the IT infrastructure’s external perimeter that may lead to a breach of confidentiality, integrity and accessibility of data
Internal penetration testing is an analysis of IT infrastructure security within a corporate network. Internal penetration testing involves simulation of actions of a malicious employee. This type of testing checks for vulnerabilities in the internal network that may lead to a breach of confidentiality, integrity and accessibility of data.
Web application penetration testing is to ensure the security of the most critical information by identifying known and unidentified vulnerabilities within the web application layer. The security assessments are performed on any web-based application, including all industry-leading application platforms. Our methodology is aligned with leading practices such as OWASP, WASC.
The objective of a mobile application penetration testing is to identify and assess all possibly present vulnerabilities in the mobile application and report it to the customer. Mobile Application testing includes:
Our team is fully capable of performing assessment on android, iOS, and windows platforms.
Wireless Penetration testing is to test the effectiveness of the Wireless security Controland also to analyses the Weakness and Critical wireless network vulnerabilities.
Secure code review is a specialized task involving manual and/or automated review of an application’s source code in an attempt to identify security-related weaknesses (flaws) in the code.
The purpose of the security analysis of industrial systems is to provide an objective and independent assessment of the current level of protection of an industrial system. The scope of this process includes verification of the network demarcation, security of applications, the ability to upgrade the operator’s access rights, security of operating systems, the safety of controllers and other system components.
DDoS Testing gives enterprises the unique opportunity to carry out comprehensive, simulated attacks. Designed to emulate real-life DDoS attack scenarios, the fully customizable and controllable tests expose system vulnerabilities and allow enterprises to put their security strategies to the test.
A Threat Hunting &Comprise assessment is an advanced threat detection service tailor made for organization suspected a data breach. The service identified and detects the contemporary cyber threats that already exists in your organization. I(TS)2 team of consultants will investigate your infrastructure to pinpoint accuracy and precisely detect who, what, where, when and how you have been attacked, and simultaneously provide corrective actions.
Social engineering testing is use to test and manipulate the organization employees into allowing unauthorized access to confidential information. This provides perception into how effective the organization’s policies and procedures are at countering social engineering threats, how well the employees follow to established policies and procedures, and the level of security awareness that exists among employees.
The Red Teaming Test simulates a situation where our team of qualified consultants and target your organization’s vulnerable assets.By simulating real life attackers. The results produce perceptions into how potential vulnerabilities can affect your business and how they can be effectively treated. This exercise also tests the maturity of your current incident response processes.
The Forensic investigation service examines digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the digital information incident.
SOC assessment is a review of components associated with any typical security operations center. The service comprises of:
The Secure architecture Review is areview of your current Network architecture from a security perspective. The study is based on International acclaimed standards and best practices. The core of the engagement involves understanding your business requirements, architectural design review, verifying your network design flows, and assessing your current security technologies in place. The end result is a detailed report which identifies weaknesses and the measure to be taken to address them. Also, a technology roadmap is provided to the customer as a part of the report.
A configuration review provides a comprehensive and detailed security audit of network components such as switches , servers and routers, to ensure that weaknesses in their configuration are identified and remediated, reducing the risk of a security incident.
I(TS)2, is a security focused company, and caters for state of the art & cutting edge cyber security technologies. The technologies catered by I(TS)2 are based on deep study of emerging threats and have been hand picked to target the most persistent cyber security issues faced by organization’s today.
We have a strong partnership with top leading security vendors in every cyber security domain. Mentioned below are our strategic partners.
Domain | Vendors |
---|---|
Security Information Event Management (SIEM) | |
Next Generation Firewalls | |
Data Loss Prevention (DLP) | |
Endpoint Detection & Response | |
Web Application Firewalls | |
Advance Malware Protection | |
Web Email Security | |
Endpoint Security | |
Network modeling and risk scoring platform | |
Social Network Security | |
Threat Intelligence Platforms | |
Social Engineering Defense | |
Vulnerability Management |
I(TS)2 Cybersecurity Professional Services team comprises of certified security professionals trained to stay actively informed of the rapidlychanging landscape of security threats. Our professional services team can deliver a robust, tried and tested solution that has been specifically designed for you, to manage some of the biggest concerns in cyber security today. Our team ensures that the customer gets the expected functionality in the best possible manner.
The ever-rising tide of cyber-threats and increasingly sophisticated cyber-attacks force you to constantly assess your Network technology and your current cyber security products. I(TS)2 meets the need with cost-effective professional services that assess your risks, identify the right technologies to meet them, and ensureoptimal configuration of these technologies in your environment.
I(TS)2 provides SLA driven local support programs. Some salient features of our program are as below:
I(TS)2 provides on site on demand information security training courses through our highly qualified and authorized instructors. Courses include BSI, BCI, CompTIA, PECB, (ISC)2, client customized and I(TS)2 developed courses.
Ideally, for such engagements Clients have to provide the venue, the class room requirements and refreshments while I(TS)2 shall provide the instructor, material and proctor the official exam if requested.
I(TS)2 provides information security training courses on a quarterly basis which are delivered through our highly qualified and authorized instructors. Courses include BSI, BCI, CompTIA, PECB, (ISC)2 and I(TS)2 developed courses.
For Public training I (TS)2 arranges for the venue either in luxurious hotel or at the I(TS)2 Academy Centre in Riyadh. The class room requirements, lunch and refreshments, courseware material and proctor for the official exam on the last day of the training are provided as well.
Anchored against international best practices and standards, the main objective of this acitivity is to identify the gap between the current target audience awareness, training and education status and the target status (gaps) and to develop detailed methodology and roadmap to fill this gap. Our methodology in conducting TNA is based on meet-in-the-middle between the adopted standards and the client’s objectives.
In accordance with the clients’ requirements and objectives, we design or customize existing clients’ courseware material based on international best practices, current technological advancements and well known Quality Assurance approaches.
This service involves establishing and implementing a full awareness Campaigns for an organization. Depending on the requirement of organization this service can comprise of services, such as:
Our information security awareness Learning management system is designed to strengthen the first ity line of defense within your organization- Your people. Our courses enable participants to understand and know how to implement best information security practices. It provides following features:
This service involves developing a unique set of security awareness products, with catchy images and clever slogans, which will attract the attention of individuals and assist in establishing a security positive environment within the organization, where staff will act and think instinctively in a way which promotes good information security practice. All of the products can be delivered in English and Arabic.
The focus on this stage is to develop not only specific contents for the materials but also high quality promotional items that which would be based on the customer’s organization theme. These designs of the contents would reflect organizations brand and image, and would be made to fit not only content but the context also. Some examples of promotional items are:
Cups/ pens/ USB with messages,
Posters booklets.
For bookings, discounts and customized training please contact us at: –
Discounts of 15% are available as per the following:
All courses are conducted by experienced certified instructors. Official courseware will be provided.
For several years, I(TS)2 has been providing top quality staff augmentation resources in several security related fields to clients all around the kingdom. This includes Government, Banking, Education and the Private Sector. On many occasions our resources impress our customers to the extent that our clients hire them directly. We offer Outsourcing in follow modes: