– Deliver on security tactical plan with regards to security initiatives scheduled for the financial year
– Perform active security monitoring to enable early detection/prevention of threats and vulnerabilities as input into security strategy and roadmap.
– Security Assessments
– Assess the security of suppliers and other business partners and perform automated reviews of publicly available data from those organizations to identify signs of inappropriate security practices.
– Perform vendor security assessments on new and existing vendors.
– Penetration Testing
-Create Pen-test and red team framework and methodology.
– Validate or assess the security of an environment applying real-world attack techniques such as obtaining certain sensitive data or privileged access to certain systems or domains to achieve a predefined objective
– Simulate a broad range of malicious activities, enabling organizations to determine if their systems can stop or detect them
– External Digital Footprint Monitoring
Obtain visibility and ensure availability of information about the organization systems, infrastructure, data and users
Red Team Exercises
Assess the ability of the organization to prevent, detect and respond to real threats, applying selected attack methods and tools to make the activity as close to real attacks as possible
Bug Bounties and Crowdsourcing
Perform security tests such as application security testing and pen-tests, leveraging a bigger pool of security resources with a broader variety of skills & approaches.