Cyber Knight is one of The leading IT Security firms specializing in providing Enterprise Risk Services and Defensive Security Services. We has a proven track record of assisting numerous global organizations obtain and maintain desired levels of online security.
2. Overview
Cyber Knight is one of The leading IT Security firms specializing in providing Enterprise Risk
Services and Defensive Security Services. We has a proven track record of assisting
numerous global organizations obtain and maintain desired levels of online security.
Enterprise Risk Services (ERS) Include
▌ IS/IT Audit & Compliance
▌ Managed Security Services (SOC/NOC)
▌ Risk & Incident Management Services
▌ Information Security Framework
▌ Information Security Governance
▌ Detailed Cyber Risk Assessment and
Treatment
▌ Information Security Training (Awareness/Secure Coding)
▌ Performance Testing and Bench mark services
▌ Penetration Testing
▌ Cyber Attack Simulations
▌ Intruder Attack Simulation
▌ Internal Penetration Testing
▌ Information Security framework Built-Operate-Transfer Model
3. Overview
Cyber Knight provides a unique portfolio in the field of cyber investigation, to address modern
challenges with the utmost efficiency with leading defensive digital intrusion solutions.
Defensive Security Services (DSS) Include
▌ Cyber Attack Response Simulation
▌ Cyber Attack Response plan and Drills
▌ Competitive Intelligence Gathering
▌ Social Engineering Awareness Trainings
▌ Cyber Security framework Built-Operate-
Transfer Model
▌ Defensive Security Training for Developers.
▌ Passive and Active Investigative Services
▌ Vulnerability Research & Support
▌ Internal Cyber Security Operation Center plan and setup
▌ Cyber Security Management
4. Overview
Cyber Knight provides a unique portfolio in the field of Managed Security Services, to address
Security Operational challenges with the utmost efficiency with rich experience in managed
security services.
Managed Security Services (MSS) Include
▌ Security Event Management& Incident
Response
▌ Managed Web Defense
▌ Managed Security Controls
▌ Managed Security Analysis
▌ Managed GRC Automation
▌ Managed Remediation
▌ Security Process Management
▌ Security Process Support Desks
6. Cyber Knight
Cyber Knight, through its experience and
industry relationships, presents
compelling value to customers
▌ Extensive experience in strategy
development
▌ Deeper understanding in industry
segments
▌ Existing relationships with leaders
across verticals
▌ Domain Expertise across the
required verticals
DOMAIN
EXPERTISE
BUSINESS
INSIGHT
INDUSTRY
LINKS
INDUSTRY
KNOWLEDGE
7. • Examination of the
management
controls within an
Information
technology (IT)
infrastructure
IS/IT Audit &
Compliance
• Identifying,
quantifying, and
prioritizing (or
ranking) the found
vulnerabilities
Penetration
Testing
• Systematic
approach to
managing an
organization's
security needs
Managed
Security
Services
• An unplanned
interruption to an
IT Service or a
reduction in the
Quality of an IT
Service
Risk & Incident
Management
• Advanced and
specialized
information security
training for infosec
professionals
Information
Security
Training
• Used to determine
the speed or
effectiveness of a
computer,
network, software
program or device
Performance
Testing &
Benchmark services
Our ERS Services
9. IS/IT Audit and Compliance
Evaluates controls related to the organizations information processing
systems. IT/IS audits includes and assessment of data, networks, hardware,
applications, databases, servers, contracts, software/hardware licensing,
security, business continuity, access authorization and compliance with
organizations policies and procedures.
12. • Authentication Management
• Safe Browsing
• Cyber Intelligence
• Data Leakage Prevention and Forensic Suite
• Domain Name Services
• Governance Risk and Compliance
• Malware Management
• Security for Endpoints
• Social Media and Brand Protection
• The Human Firewall
13. “We Do Authentication, You Do Your
Business As Usual”
Our Authentication Management
Solution
Our Authentication Management deploys
world leading client recognition and access
management systems. They are able to
secure billions of users accounts. Our
authentication solution and access control
provides solutions which are changing the
way businesses interact and authenticate
their users which is done remotely. Our
solution is simple to deploy and it conforms
to respect your organisations privacy,
security standards and compliance
requirements.
Keys to Our Authentication Management
Easy Onboarding
We offer you easy digital enrolment
experiences which are spread across our
service applications and delivery channels.
Adaptive Authentication
When using our easy cost effective
technology you will receive trustable
identity validations & multi factor
authentication with lesser effort than typing
a password.
Unified Access Management
Make use of all our features through a
developer-friendly Rest API. This is our
single solution for all your authentication
needs.
Why Choose our Authentication Management
We offer you a system which is:
Secure
Convenient
Multimodal
Compliant
Integrate
Scalable
Future-proof
Provisioned
Authentication Management
14. Most of the threats and attacks that appear on
our devices come from the web after sneaking
pass the security measures which we enabled.
Our solution allows users to safely browse the
Internet without having the fear of getting
compromised. Our solution augments existing
defenses to keep malware and zero-day exploits
off all endpoints.
What is Safe Browsing:
Executes active web content in a remote
disposable container
Makes websites a safe interactive content
stream
Delivers natural browsing experience for users
Browse with Confidence
Users can click without the fear of data exploits,
ransomware, malware attacks and other threats
Integrated file sanitization for safe downloads
It increases productivity
How Our Solution Keeps Malware Out
Our solution does not require installation and
does not interrupt the work flow. Below you
will see how our solution works:
A user opens up a browser
Our tool instantly powers up a virtual browser
in a remote Linux container
The website’s code executes in the virtual
browser which is nowhere near to the end
users device
To prevent leakage of sensitive data between
sessions, each browser session or tab gets
its
very own isolated container. When a session
is closed or inactive, the container is
destroyed, along with any malicious code
Files which are downloaded are scanned and
cleansed using the pre-integrated sanitization
tool before they’re released to the user
Safe Browsing
15. Cyber Intelligence detects and helps
investigate external and insider threats
across on-premises, cloud and hybrid
environments. Our solution is built to
support the most demanding workloads of
security analytics for the modern
enterprise.
Our solution fuses together unique
machine learning algorithms, world-class
security research and in depth critical
security data. It will help protect you from
both known and unknown attacks by
detecting threats early.
Detection
By use of our solution, we will detect malicious
activity by collecting multiple data sources,
network traffic, event logs, VPN data, and much
more to create a coherent behavioural profile.
Cyber Intelligence comes with a set of
deterministic models that identify both common
and newly discovered implementations of
attacker techniques such as Pass-the-Hash,
Overpass-the-Hash, Golden Ticket and other
techniques.
Prevention & Isolation
Our solution shows the attack as a contextual
alert timeline, where each individual alert
includes both description of the malicious
activity that triggered it, as well as the required
onward response steps which should be taken.
Our solution provides alerting and profiling
information on malicious activity with the tools
and metadata that are required for further
investigation.
Cyber Intelligence
16. Our solution helps your organisation from
intentional or accidental insider threats. Our
solution provides you with analytics which
provides you with actionable context &
intelligence. It can be deployed on your
system without timeouts. From installation our
tool will start protecting your organisation from
data leakages immediately. By using our
solution you have overall control of all the
secrets that within your company.
What our solution provides you?
• Control of confidential documents
• Control data channels
• Detect unauthorized actions of employees
& stop them
• User visibility
• Patterns of known behaviour
• User behaviour intelligence
Our Solution Puts An End To:
• Data Exfiltration
• IP Theft
• Credential Misuse
• Credential Theft
• Account Takeover
• & Much More
More Than Just Our DLP Solution
• Our DLP Solution has a Forensic Suite
integrated into it and provides more
capabilities:
• Control not only data, but human
behaviour as well
• Perform audit of all corporate processes
• Detect suspicious actions of employees
• Investigate and collect evidence
• Prevent thefts and other types of corporate
fraud
Data Leakage Prevention and Forensic Suite
17. Security, reliability, performance. The reasons your business can count on us to secure
this cornerstone of your connected world. Just what you want in your DNS.
Functions of our DNS
Our DNS comes in two categories:
Authoritative DNS
Enterprise
Our DNS is an enterprise grade, managed authoritative DNS service that ensures 100% website
availability along with built-in security for superior protection.
Small Business
Our DNS also offers packages for small to medium sized businesses to manage their DNS
needs.
Recursive DNS
Enterprise
Our Recursive DNS is an enterprise grade, cloud-based recursive DNS service that delivers fast
and reliable access to vital online applications with built-in security and threat intelligence.
Small Business
We also offer a Recursive DNS service that enables users, families and small businesses to
experience a faster and safer online experience.
Domain Name Services
18. ur solution offers a time saving, web based
service which is designed to help an
organisation manage their governance,
risk and compliance. It utilises of a self-
service concept and management by
exception. This ensures that time is not
wasted on tasks which are not necessary.
Key Advantages:
• Improved Information Governance
coordination – Dramatically increase the
Information Governance coordination
within your organisation
• Better Information Governance visibility
– Provide your management and all staff
with visual dashboards showing the state
of operational compliance
• Greater Information Governance
efficiency – Boost operational efficiency
by providing automated processes that
simplify key tasks making compliance
easier to achieve
Furthermore we have detailed risk courses
for:
• Employees who decide to quit their job and
then causing jeopardy in the work flow
• Employees causing inside attacks
• Employees who snoop around and choosing
to make extra money on the side using
organisation’s material
• Employees creating a fraud scheme
• Leaking commercial secrets due to
blackmail and deliberate sabotage.
We have the perfect package to suit your
organisation with regards to employee
profiling and behavioural patterns, these
packages are broken down into:
• Guide on risk group control
• Guide on how to protect against fraudsters
inside a company
• Guide on how to control human behaviour
• Data Protection Courses
• GRC-ISMS Courses
Governance Risk and Compliance
19. Our Malware Management is an easy to use business security solution, which delivers
superior proactive protection from viruses, spyware, rootkits, spam, phishing and other
malware.
Functions of our Malware Management
Our Malware Management Solution allows you to create centralized reports on the security
status of your networked or stand-alone computers. We offer security which allows you to have
a full range of both virtualised and physical environments:
• Identifying network security issues, threats and vulnerabilities.
• Monitoring and ensuring compliance with the organization’s security policies.
• Checking and assessing the network security status.
• Monitoring security incidents and malware activity.
• Providing upper management with easy-to-interpret data on network security.
• Next Generation Firewall (combination of enterprise class firewalling with application
recognition)
• Virtual Next Generation Firewall (runs on private, public and hybrid clouds)
Malware Management
20. Our Endpoint Solution provides you with the only platform that defends every endpoint
against all types of attacks, including Ransomware! Our solution is a signature-less which
means no daily or weekly updates.
Protect What Matters
Our solution has machine learning & AI applied to it hence our platform does not need prior
knowledge of an attack. The threat landscape is always evolving but our platform is ready to stop
attacks that have not yet been released. With our platform you are free to use your technology as
you please.
Our Endpoint Protection Warranty
We stand behind our solution and with our valued customers. We offer you up to $1 Million in
ransomware protection. Think smart and get the assurance of security with our Endpoint
Protection Solution.
Security for Endpoints
22. Managed Security Services
Managed Security Services(MSS) are network security services that have been outsourced to a service provider. Managed Security Services (MSS) is a
systematic approach to managing an organization's security needs.
On-site consulting: This is customized assistance in the assessment of business risks, key business requirements for security and the development
of security policies and processes. Consulting may also include security product integration and On-site incident response and forensics.
Remote perimeter management: This service installs and upgrades the firewall,Virtual Private Network(VPN) and intrusion detection hardware and
software, commonly performing configuration changes on behalf of the customer
Managed security monitoring: This is the day-to-day monitoring and interpretation of important system events throughout the network, including
unauthorized behavior, malicious hacks and denials of service (Dos), anomalies and trend analysis. It is the first step in an incident response process.
Penetration and vulnerability testing: This includes one-time or periodic software scans or hacking attempts in order to find vulnerabilities in a
technical and logical perimeter. It generally does not assess security throughout the network, nor does it accurately reflect personnel-related
exposures due to disgruntled employees, social engineering, etc.
Compliance monitoring: This includes monitoring event logs not for intrusions, but change management. This service will identify changes to a
system that violate a formal security policy for example, if a rogue administrator grants himself or herself too much access to a system. In short, it
measures compliance to a technical risk model.
five categories of managed security services
29. Are Fundamental Questions been Addressed?
• What is that you are Protecting?
• What are you protecting yourself from?
• How do you Prioritize? And how often do you prioritize?
• How do you check that your efforts are effective?
30. Our Offerings
▌ Managed Firewall
▌ Managed SIEM
▌ Managed Two Factor Authentication
▌ Managed Updates and Patches
▌ Email and Web Filtering
▌ Managed Anti-Malware Protection
▌ Data Protection and Recovery
▌ Security Reporting and Dashboard
▌ Endpoint Protection
▌ Rapid Response
35. PASSIVE INTELLIGENCE GATHERING
35
• Search Engines and File sharing
• People Search
• Social Networking
• Whois Record
• Criminal Record
• Reverse Phone Lookup
• Job Listing
• Online Public Record
• Public Disclosures
• Darkweb Commerce Search
36. Types Of Data Collected
Network Block, IP information, IP Location
Make & Model of ADSL / Wireless / 4G Router
Desktop/Laptop/Mobile Device OS information / Browsers,
Mobile Provider Information including Roaming details, IMSI, Porting Data
Trace Of Published Stolen Records From In-depth Internet Search
Identification DOf People ealing With IPR Theft
Date And Timestamp Of IP Darkweb Sale Records (From Blockchains)
37. Incident Response Management
Incident
Reporting
Evaluating, correlating &
Prioritizing each report
Investigating each report or
set of related reports
Provider reviewing reports of
suspicious system & network
behavior & events
Intrusion
Detection
Intrusion
Response
Audit Endpoint and Event Logs
Performing forensic analysis
Preserving the evidence
Recommending improvement
actions
38. Proposed Team Structure
We propose a team structure, which would
ensure reviews and quality check at
multiple levels
SteeringCommittee
Partner/Director
• Responsible for owning
& delivering project to
broader organization
Provides direction &
alignment between
project, organization &
activities
ProjectManagementteam
SeniorManager
• Provide day-to-day
management & oversight
Provide guidance &
direction to project
resources
Provide status updates
to leadership
Identify, manage &
resolve issues, risks
CoreTeam
Manager&Consultants
• Executes & delivers work
across respective project
thread
Leverages & works side
by side with resources of
ECD
Maturity Assessments
We test your environment:
a. External Penertration Testing
b. Internal Penertration Testing
c. Vulnerability Assessments
d. Software Code Reviews
e. People Awareness Assessments
f. Architecture Reviews
g. Governance Reviews
Benefits to your organisation:
a. Helps to evaluate security investment
b. Testing your current Cyber Security Defence
c. Visualise the weakness in your environment before an incident takes place
Cyber Governance framework
We develop and maintain your:
a. Policies
b. Standards
c. Procedures
d. Strategy
e. Enterprise information architecture
Benefits to your organisation include:
a. Compliance with local and international legislation
b. Alignment with international best practices
c. Classification of information
Malware Management Service
On your Technology Infrastructure, we implement and maintain:
a. Centrally managed host based firewalls
b.Centrally managed host based intrusion prevention solution
c. Centrally managed enterprise wide antivirus and anti-spyware
Benefits to your organisation include:
a. Removes an prevents known Malware from executing
b. Protects against new and unknown malware (zero-day exploits)
c. Keep your organisation resistant to the daily influx of malware
Cyber Intelligence Service
We provide the following 24×7 monitoring service that identifies threats aimed at your organisation:
a. Threat Analytics
b. Device Analytics
c. Incident Management
Benefits to your organisation include:
a. Understanding the objective of the threat actor.
b. Evidence based knowledge about an existing or emerging threat.
c. Condition under which a threat is likely to exploit a vulnerability.
Cyber Security Awareness
Our Cyber security awareness service offers the following:
a. Onsite Workshop Awareness Session
b. Automated Technology Awareness Sessions
Benefits to your organisation include:
a. Being informed creates a better workplace culture.
b. Staff will become more confident with regards to using technology
c. A conductive culture saves your organisation money.
Cyber Security Technology Controls
Our Cyber Security technology tools include:
a. Data Compression & Encryption
b. Domain Name Service (DNS) management
c. Enterprise Certificate Management
d. Data Leakage Protection
e. Ransomware blocker
f. Email Mail regulator
g. Secure hardware
h. Custom Developed Security Technology Tool for your needs
Benefits include:
a. Security-centred device management
b. Minimise security vulnerabilities and monitor protected systems
c. Preventing targeted phishing attacks from reaching your business
Digital Forensics
Preserving evidence while performing an investigation, Our service includes:
a. Network forensics
b. Firewall forensics
c. Database forensics
d. Mobile device forensics
Our digital forensics service benefits include:
a. The comparison of relevant types of data from different systems or sources to show a more complete picture
b. The ability to easily trend relevant data over periods of time; fluctuation in trending lines can be analysed further for false positives and potential risk factors.
c. The quick identification and extraction of certain risk criteria from the entire data population for further analysis.
d. The testing for effectiveness of the control environment and policies in place by identifying attributes that violates rules.
e. Identifying trends of which company personnel, consultants and forensic accountants were unaware off.
Online Branding and Social Media Policing
Providing a policing service protects your brand online, our services include:
a. Monitoring of databases to detect attempts to register the same or similar trademark.
b. Comprehensive third party monitoring for any infringing commercial use of your mark.
c. Safeguarding your brand to remain in compliance with trademark laws and regulations.
Benefits include:
a. You stay informed and up to date on the status of your trademark
b. Preventing the possibility of consumer confusion and unfair competition
c. Let infringes know that you are serious about maintaining your trademark