Infopulse GmbH

Infopulse can help minimize network security risks, with Critical Infrastructure Protection services. These services are usually delivered as an implementation of Risk Treatment Plan developed during Security Assessment service. Our main advantage is a deep understanding of network technologies and individual approach to solving your problems.

Business values of Critical Infrastructure Protection allow our clients to:

• Mitigate security risks
• Reduce the number of security incidents
• Decrease losses from security incidents
• Ensure stable and secure network access as one of the fundamentals of business survival

Critical Infrastructure Protection Service options include:

• Web Application Firewall (WAF) solution: helps to establish real-time protection for your website applications. As an additional service for websites, we propose configuration hardening, anti-DDoS solutions, and simple Business Continuity Management measures (implementation of backups). In-house or cloud-based solutions can be used.
• Intrusion Prevention System (IPS) implementation: helps to protect your network infrastructure against network and application-level attacks. The IPS can be integrated with Security Information and Event Management system within our Security Event Monitoring and Security Incident Response services.
• Network Implementation Services: Network Audit and Assessment, Architecture planning and design, Data center migration, Corporate wireless network design, New campus infrastructures roll-out, Customer environments migration.
• Network Operation Services: Firewalls Management, Routing and Switching, Load Balancing, LAN/WAN monitoring, and maintenance, Network services management, Collaboration Services (e.g., Cisco Unified Communications Manager, VoIP, conferencing, Communications Gateways).

Our advantage is a deep understanding of network technologies and individual approach to solving your problems:

• Analysis and tracking of customer IT infrastructure;
• Deep security configuration analysis;
• Individual recommendations on configuration;
• Review of compliance with standards and best practices;
• Early problems detection with online monitoring;
• Network capacity and speed optimization;
• Prevention of network faults and security penetrations;
• Implementation of fault-tolerant network architecture;
• Optimization of data flows for traffic minimization;
• Implementation of convergent network services (data, voice, video);
• Extension of users collaboration capabilities;
• Stable and secure network access as core condition of business survival.

Infopulse helps companies to build their own secure software development processes and to manage the security of development of specific solutions and products.

Business values of the Secure Software Development Life Cycle service:

• Quality and security of customer’s applications, solutions, and products.
• Proper and mature organization of the software development process, including control and monitoring of the development process.
• Mitigation of risks of unexpected expenses for software development and support due to clear requirements and design, resulting in the reduction of production scrap and rework.
• Increased security awareness and the establishment of a mature security culture of software development.

Secure Software Development Management service includes:

• Adoption of system development methodologies to ensure compliance with business and information security requirements.
• Ensuring security of the development environments.
• Implementation of quality assurance of key security activities during the system development life cycle.

Security Management of Specific Solutions and Products service includes the following:

• Identification and integration of security requirements.
• Threat modeling and risk analysis.
• Development of security architecture and secure design of the system or solution.
• Definition of security controls for all stages of software life cycle.
• Ensuring that systems are built, distributed, deployed, used and disposed of securely.

To guarantee the best results, Infopulse strictly adheres to international standards, regulations and best practices (e.g., ISO 27034, ISO 42010, ISF SoGP, OWASP, Microsoft Security Development Lifecycle, Oracle Secure Coding Standards, Payment Application Data Security Standards, and others).

As a result of Secure Software Development projects, our customers receive:

• Guides for software development management adapted to company’s application designing and coding culture.
• Security architecture and secure design of the products and solutions.
• Security controls for all stages of software life cycle, according to Customer’s internal standards and methodologies, as well as international standards and best practices.

Infopulse provides all types of Security Assessment and Consulting, helping our clients to identify and analyze all possible security threats and organizational weaknesses. We use international standards, best practices and customer’s requirements to assess security vulnerabilities and risks. The objectives of each audit are customized for the client individually.

Our holistic approach ensures that the service deliverables include a list of vulnerabilities, along with ways and paths of their exploitation, risk assessment, suggestions on inadequate security controls and recommendations on organizational and technical improvements, which can be done to reduce security risks.

Business values of the Security Assessment service include the following:

• Reduced security-related business risks
• Business owners and managers receive a real picture of what is going on
• Enhanced effectiveness of infrastructure investment and management decisions
• Improved business safety and controllability
• Regulatory compliance is ensured

Infopulse can also provide various related consulting services in addition to security audits.

Please find Detailed information on selected Infopulse’s security assessment services below.

       a) Risk Assessment and Risk Treatment.

Risk Assessment is the best way to optimize expenses for security, especially, for equipment and software, which prevents unauthorized access, system outage, malware outbreaks, data leaks and other security incidents. Risk Assessment begins from identification of security threats and considers threats directly related to technical vulnerabilities and to organizational deficiencies. All risks are evaluated for proper risk treatment decisions.

Risk Treatment is the next step in the risk management process. Development of risk treatment measures and estimating their budgets are outlined in Risk Treatment Plan. This plan can be implemented with our Critical Infrastructure Protection services.

       b) Security Process Audits help to prevent problems on early stages by reviewing quality and effectiveness of company's processes and procedures, and/or assessment of their compliance with the internal or external (regulatory) requirements.

       c) Penetration Tests (pentest) is an acknowledged effective method to check and assess quality and security of information systems. It involves technical analysis of IT infrastructure, systems, applications or other targets for security vulnerabilities. Pentesting imitates actions of cyber criminals to check the possibility of intercepting data, misusing systems, interrupting normal operations and other security threats.

Our Testing methodologies and standards are based on NIST SP800-115, PTES, OWASP, EC-Council, CAPEC.

The target objects that we can test include:

• Network perimeter and DMZ.
• Wireless networks.
• Web services and web applications.
• Desktop and mobile applications.
• Client-server systems.
• Embedded systems and industrial IT objects.

       d) Security Review of Source Code is an important part of both Security Assessment and the Secure Software Development Lifecycle, especially before software releases. The service is available as manual review and semi-automated review.

       e) Vulnerability Assessment is a cost-efficient way to control technical vulnerabilities in your infrastructure. Vulnerability scanning, verification, and analysis can be performed regularly or after significant changes only.

Security Compliance Manager (SCM) - a perfect management system for information security.

Security Compliance Manager (SCM) is a tool for enterprises helping to assess existing infrastructure protection and its compliance with security requirements, such as BSI IT-Grundschutz. SCM is a reliable alternative to the discontinued GSTOOL and serves companies throughout all stages of security management, offering a wide variety of features and options:

• Managing multiple security concepts in one tool
• Import data from the GSTOOL
• IT Inventory Management
• Possibility to create and manage the groups of TOs
• Specification of Protection Requirements of IT asset sets with multi-tenancy
• Integration of and modeling according to complete and up-to-date BSI IT-Grundschutz-Compendium
• Security check/implementation of measures
• Privacy management of personal data through modeling with user-defined modules
• Planning and carrying out Risk analysis in accordance with BSI-Standard-200-3
• Overall preparation for the ISO 27001 certification based on IT-Grundschutz
• Planning and implementation of internal audits
• Cost analysis
• Individual roles and permission management
• Security concept snapshot (versioning)
• Wide set of reports (standard and extended reporting options)
• Protection requirement suggestions based on entered dependencies and much more!

Unique features:

• Privacy management of personal data according to GDPR
• Integration with customer’s CMDB
• Creation of IT-Grundschutz-Profiles based on organization’s specific needs

The tool supports multiple users with individual user interface settings and features simultaneous access.

SCM is available both in German and in English and can be supplied as web application with a variety of flexible licensing options.

Security Event Monitoring and Security Incident Response services ensure prompt and efficient investigation and response to the hacking, malware, or insider attacks and human mistakes. To mitigate security incidents and attacks, and decrease losses, proper monitoring capabilities should be in place, and a dedicated security response task force team should be engaged.

Main values of the service are:

• 24x7 real-time control over business protection;
• Detection, prevention, and mitigation of security incidents;
• Full compliance with internal and external requirements;
• Detection of configuration and change management defects;
• Transparency of users’ and administrators’ actions in IT Systems.

Security Operations Center (SOC) as a service is the most solid and comprehensive approach to security operations for businesses. We can implement SOC in any mode: monitoring, control or operational. Components of the service (SOC functions) include:

• Security Information and Event Management (SIEM) implementation / administration
• Security Monitoring Team
• Incident Response Team
• Control Team (audits)
• Operational Team (security infrastructure management)

Our services are based on industry-recognized SIEM systems from IBM, HP, NetIQ, Alien Vault and other vendors. We can implement Distributed and Highly Available SIEM, and build a full-scale SOC. We can build the SOC or any its function at the Customer's site, or provide them as a service remotely. Any existing function at the customer’s site can be used to build a SOC.

Advanced monitoring and operation features offered by Infopulse:

• Detection and protection from zero-day attacks
• Extended malware protection
• User behavior analytics
• Integration of the platform with third-party threat intelligence
• Proactive defense by integrating with security systems
• Built-in vulnerability scanning or integration with third-party appliances
• Extended Active Directory and File Service monitoring
• Microsoft Exchange Admin audit
• Security baseline monitoring

While working on SIEM architecture and implementation, Infopulse conducts the following:

• Deep analysis of assets before connecting them to SIEM: setup required controls, logging level and risks assessment, agreement of an appropriate type of collection (agent or agentless)
• Preliminary assessment and optimization of client logging infrastructure
• Simulation of real attacks and vulnerability exploitation modeling for deep log discovery. As a result, minimum false-positive alerts after implementation
• Development of custom parsing rules for non-standard or in-house applications
• Deployment of automated incident handling tools
• Integration with vulnerability scanners, public reputation, and security tracking services