COMPANY PROFILE
DYNAMIC BUSINESS VALUE
RESULCO. [COMPANY PROFILE]
This page has been intentionally left blank.
| Company 1
RESULCO. [COMPANY PROFILE]
CONTENTS 1. Company ............................................................................................................................................... 4 2. Personnel .............................................................................................................................................. 4 3. Customers ............................................................................................................................................. 6 4. Services ................................................................................................................................................. 6 5. Rivendell Test Center .......................................................................................................................... 12 | Company 2
RESULCO. [COMPANY PROFILE]
This page has been intentionally left blank.
| Company 3
RESULCO. [COMPANY PROFILE]
1. COMPANY At RESULCO, Information Security and Risk Management is our main and only business. Our consultants are experts in the field; our specialists are at all times ahead of the curve. And so are our clients, for the reason that in security, if you are not ahead of the curve, you are at threat of becoming subsequently the victim. By engaging our services, our clients ensure they are fully protected, their information is safe from threats both within and outside the organization, they meet their regulatory requirements and they can provide to their clientele business in complete confidence. In just over a year of operation, RESULCO began as a vision of one Security and Risk Management expert and a few outstanding professionals who found enjoyment in investigating the nadir of information security. The company now has offices in Cyprus, Greece and is in the process of setting up their United Arab Emirates office in 2012. The consulting pool travels regionally and internationally wherever our clients necessitate them. Mitigating business risks takes us from the deepest mines to the leading boardrooms, with our clients being national and multi-‐nationals.
These days, forceful security is the only defense worth having. Anything less is inadequate. Threats are more pervasive and cyber-‐attacks are more dangerous than ever. Increasingly, what should be the most important company asset-‐information-‐ is the greatest liability.
2. PERSONNEL RESULCO has compiled an exceptionally strong and highly reputable team of experienced security engineers. Under the guidance of RESULCO executives our high skill personnel travel regionally and internationally wherever our clients necessitate them and deliver multiple tasks and activities essential for Information Technology and Security type of projects. The majority of our team is IT certified engineers according to the international standards in the area of IT Security through Company’s strategic lifetime training program. | Company 4
RESULCO. [COMPANY PROFILE]
2.1. OUR ACCREDITATIONS
| Personnel 5
RESULCO. [COMPANY PROFILE]
3. CUSTOMERS Highly regulated industries are a natural fit for RESULCO – our services are used by several major names in the Banking and Finance, Insurance, Healthcare and Retail sector, as well as Telecommunications organizations. In the public sector show-‐ground, we carry out business with local government and municipalities, which not only enables us to undertake wide-‐ranging work but also demonstrates our ability and trustworthiness to the broader marketplace.
4. SERVICES RESULCO provides high quality services utilizing a broad range of hardware & Software platforms and latest technologies.
Informa@on Security Services Secure Integra@on Services Consul@ng and Security Strategy Cloud Services Managed Security Services
4.1. INFORMATION SECURITY SERVICES RESULCO’s Information Security Services are designed to help businesses improve and maintain the level of their security. We are recognized as experts within the technology and security industry. We contribute to client’s success by translating complex technical risk into business terms. With the use of proven methodologies, automated testing tools and manual audits, RESULCO proficiently, assesses the client’s network environment and identifies vulnerabilities as well as any miss-‐configurations. Additionally RESULCO provide prioritized response to reduce network security risks to operations, data security and regulatory compliance.
| Customers 6
RESULCO. [COMPANY PROFILE]
Web Application Penetration Test In today’s business, modern commerce relies on information technology systems that are dependable, secure, and accessible. Unfortunately, even organizations that maintain good security practices sometimes overlook the importance of application testing. Application-‐level testing uncovers design and logic flaws that could result in the compromise or unauthorized access of your networks, systems, applications or information. What to expect from our Web Application Ethical Hacking Services: • • • •
Extensively examine Web-‐based application structure Identify vulnerabilities and weaknesses of the environment Rank the vulnerabilities (TOP 10) and weaknesses based upon your security policies as well as best practice, ability to be exploited and mitigating factors Recommend both technical and process-‐oriented remediation and mitigation solutions
Wireless Penetration Testing The demands of modern business have made wireless technology a necessity. The mobile workforce has spurred the development of technologies that make it possible for your employees to instantly access data and network infrastructure from nearly any place in the world. With that access, however, comes significant risk. Using a proven methodology and advanced tools, RESULCO can complete a Wireless Security Ethical Hacking Assessment to measure the security of your wireless infrastructure and provide you with a roadmap to ensure the integrity and availability of its information and resources. What to expect from our Wireless Ethical Hacking Services: • • • •
Use directed attack based techniques Lists all identified weaknesses and vulnerabilities Clarifies the risks associate with the current network configuration Presents recommendations to increase the security of your wireless infrastructure
VoIP Penetration Testing Networks are now used to handle an increasing number of voice calls. Furthermore, due to the real time traffic nature that consist these technologies, VoIP networks and devices are vulnerable to unique security threats and exploits. Malicious users may eavesdrop on unencrypted calls, cause service interruption; gain access to corporate networks and access confidential data. | Services 7
RESULCO. [COMPANY PROFILE] What to expect from our VoIP Ethical Hacking services •
Physical Access Attacks
•
DDos Attacks
•
Attacking and gaining remote management of IP phones
•
LCA Attacks and Call Logging
•
Hijacking – Injection Attacks
•
Eavesdropping
•
New Generation Intelligence – BCC (Block Certain Calls)
Vulnerability Assessment Testing The goal of Vulnerability Assessment Testing is not to actually penetrate a system or demonstrate the degree to which a weakness could be exploited. Rather, it is to allow authorized specialists to see a system from an attacker's perspective so it can be fixed or the risk of intrusion minimized by applying common Best Security Practices. RESULCO can execute periodic vulnerability scans on any network and provide a comprehensive report, helping discover and eliminate any vulnerability threats. What to expect from our Vulnerability Identification Service • • •
A detailed explanation of the work that was completed and the methods used by the team to determine the results A listing of all the vulnerabilities and weaknesses of your environment with a ranking of their level of risk, the ease with which they can be exploited, and mitigating factors An explanation of how to mitigate or eliminate the vulnerabilities including enhancement of customer policies, adoption of industry best practices, changes to security processes and enhancement to the security architecture.
Social Engineering Social engineering is hacker-‐speak for deceiving legitimate computer users into providing useful information that helps the hacker gain unauthorized access to their computer system.
RESULCO using social engineering usually poses as a legitimate person in the organization and tricks computer users into giving useful information. This is usually done by telephone, but it may also be d one by forged e-‐mail messages or even an in-‐person visit.
| Services 8
RESULCO. [COMPANY PROFILE]
4.2.
CONSULTING AND SECURITY STRATEGY
To meet complex and fast growing business requirements, organizations have to protect mission critical data including sales data, profitability data, client details, clients personal information; have to meet a number of legal & regulatory compliances; have to assess organization’s information security infrastructure in order to keep ahead from competitors. At RESULCO we have designed our security consulting services specifically to meet organization’s compliance, security design and assessment requirements. Information Security Architecture Information security architecture defines all facets of the system that relate to security, including the set of fundamental principles that guide the design.
Disaster Recovery Planning Each organization should have a business continuity plan in place. Not an idea, but a well-‐articulated and
comprehensive course of action to certify that their business can get through a disaster and continue on
in the aftermath. This plan includes crisis management, business procedures/processes and work area management to name a few considerations. ISO 27001 Planning and Implementation ISO 27001-‐security management is an example of best practice in information security for any business, whatever its size and can lead to significant cost savings. In order to effectively design and implement an ISO 27001 certification it implies an integrated management of information security. This is achieved through planning, risk assessment, application of technical, organizational, operating and contractual controls, human resource management, communication, training, and contingency and business continuity plans.
| Services 9
RESULCO. [COMPANY PROFILE]
Data Leakage Prevention Our suite of technologies that are consisted in the Data Leakage Prevention (DLP) service aims at stopping the loss of sensitive information that occur in enterprises. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can help an enterprise get a clear view on what information it possesses, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-‐ and-‐play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.
Mergers & Acquisitions Consulting for security re-‐engineering – 100 Day Alignment
To prepare managers who can compete successfully in the Information Security field, RESULCO presents important principles and techniques of such a security re-‐engineering approach. RESULCO’s focus is on the detection and prevention of insider misuse, which is still the biggest threat to security. RESULCO shows how techniques such as focused auditing; data and user profiling are integrated into a single methodological framework for security evaluation.
4.3.
SECURE INTEGRATION SERVICES
At RESULCO, we assess, design, develop, and manage mission-‐critical solutions that secure resources and infrastructure for governments and businesses. Our approach integrates resource and infrastructure security, creating the most effective and efficient security environment possible and freeing our client to focus on best serving its customers.
Network Security Our Network Security Services provide proactive threat detection, analysis and provide real-‐time management of your IT security infrastructure, delivering tailored protection. | Services 10
RESULCO. [COMPANY PROFILE]
Secure Implementation RESULCO delivers outstanding design, implementation and integration services of full security architectures. Our team of engineers has solid knowledge, experience and practical understanding of numerous leading technology vendors.
Network Design and Implementation
We have long experience in building up reliable and robust network and systems infrastructures by sing “safe-‐through-‐enterprise” implementation perception and best practice, we provide organizations, our the ability to capitalize in their technology requirements by ensuring that all the technology adoption sufficiently reflects their b usiness needs and addresses all risks.
4.4.
VIRTUALIZATION SERVICES
An incorporated cloud platform provides the enterprise the necessary architecture it requires to align business requirements to IT projects & Infrastructure. At RESULCO, we can you help generate an resourceful yet flexible IT groundwork, seamlessly incorporated across your organization, that can extent to meet service needs and optimize workloads as well as well the consolidation of your infrastructure. Virtual Platform Strategy, Definition, readiness and deployment Services An incorporated cloud platform provides the enterprise architecture you need in order to align business requirements to IT projects, simplifying access to information in order to deliver better business outcomes. Our Cloud delivery models allow new business and IT approaches in the course of standardizing applications. Software as a service (SaaS) Cloud platforms Attached Security Services Desktop Virtualization Infrastructure as a Service (IaaS)
5. MANAGES SECURITY SERVICES Managed Security Services is based on hosted vulnerability management that provides cloud-‐based internal and external infrastructure scanning through a single portal. This helps easily manage compliance requirements and specifies steps necessary to remediate vulnerabilities. | Services 11
RESULCO. [COMPANY PROFILE] What to expect from our Cloud based Vulnerability Management • • •
Helps accomplish compliance with security initiatives by scanning and classifying vulnerabilities Provides remediation steps and data to assess and manage security risks to help reduce threat exposure Helps reduce cost and complexity of security maintenance through RESULCO’s cloud security services
Our managed Security Services can detect vulnerabilities across network devices, servers, web applications and databases to help you reduce risk and better manage compliance requirements. Our service leverages advanced scanning capabilities to detect and priorities hidden risks on your external and internal network infrastructure. Simplified workflow automation and unique reporting capabilities help speed vulnerability identification and remediation, and being a cloud-‐based service, you can save on licensing fees and security operations maintenance costs.
5. RIVENDELL TEST CENTER Since the very beginning, RESULCO strategically invested in the development of its internal and stand-‐alone security research lab consisting of heterogeneous platforms and various interrelated networks to facilitate hands-‐on research and project work associated to information security. It delivers focus for multidisciplinary research and education in emerging areas of information security. Current research areas include computer and network security, digital forensics, Data Leakage, hardware for secure systems as well as Cloud and Virtual Environment testing and deploying.
Our Vision: to be a center of excellence in information security research.
| Rivendell Test Center 12