Cyber Security

Digital Transformation and Cloud implementations have their individual demerits of Security issues and Vulnerabilities. Cyber risk has been increasing rapidly. Proactive way of handling the breach is an need of hour.

SHRAS ITS Cybersecurity services provides the protection of computer systems and networks from the theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.

Information Security Audit:
  • Identify level of Information Security in the Organization
  • Identify the Technical, Physical and Administrative Information Security Controls deployed in the Organization
  • Assess the current security performances and practices being followed
  • Identify the Security Gaps of Process and Procedures with respect to Global standards and best practices
  • Define Risk Priority and Impact for the Security gaps identified as part of the Assessment.
  • Provide Remediation for the Security Gaps identified
Vulnerability Assessment & Penetration Testing:
  • Process for defining, identifying, classifying and prioritizing Security Weakness in computer systems, applications and network infrastructures
  • Identify threats and the risks Security Weakness pose typically involves the use of Automated and Manual testing tools
  • Understand the threats to the environment and their impact to the organization infrastructure
  • Define remediation steps for the security Weakness identified before they can be exploited by adversaries.
Application Security Assessment:
  • Application Security Assessment combines Information Security best Practices and technologies specifically designed to test websites and Web-based services to identify potential security weaknesses in the Application.
  • Identify threats and the risks they pose to the Application
  • Provide Actionable steps to close the identified security Weakness.
  • Perform Re-Assessment to confirm the closure of the identified Security Weakness
Configuration and Group Policy Review
  • Detailed review and verification of Configuration Settings of IT Infrastructure
  • Verify the operating condition and the effectiveness of infrastructure security configuration and rule sets
  • Provide list of security configurations to be deployed in all the critical infrastructures
  • Provide list of Group Policies to be deployed across all End Point Machines.
Malware Analysis:
  • Analyze the sample and Behavior of the Ransomware
  • Review the Ransomware notes in .txt file and .hta file
  • Review the System internal Auto runs to view several persistence Mechanisms
  • Review the Encryption process in the encrypted files to check the Encryption Key
  • Check the Open Community for any possible decryption techniques

Identify the vulnerabilities based on the tests highlighted above and document them and discuss them with the project stakeholders. Compile the findings in a detailed report that highlights the risks profiling and recommended mitigation plans.