Penetration Testing End-To-End  Automated  On-Demand Network Security Testing  |  Application Security Testing  |  Complia...
About iViZ Information Security start-up with world’s only on-demand penetration testing product USPTO patent pending tech...
Current Business Needs <ul><li>Business Continuity </li></ul><ul><ul><li>Prevent business disruption by protecting critica...
Ideal Solution Penetration Testing that goes beyond simple vulnerability scanning needs to be performed frequently John Pe...
Current Technology Challenges <ul><li>Ensuring security with manual testing is still a problem </li></ul><ul><ul><li>Time-...
Multi Stage Attacks <ul><li>“  .. exploit multiple security weaknesses that individually are not critical, but in the aggr...
Multi Stage Attacks
Kevin Mitnick – renowned hacker
Rest of the story.. Even a hacker is not safe from hackers!
How does a real one look like ?
iViZ Technology Unique patent-pending penetration technology can simulate these scenarios
Unique patent-pending penetration technology can simulate these scenarios 1 Intelligent Human Hacker Attacks iViZ Technology
iViZ Technology Unique patent-pending penetration technology can simulate these scenarios 1 Intelligent Human Hacker Attac...
iViZ Technology Unique patent-pending penetration technology can simulate these scenarios 1 Intelligent Human Hacker Attac...
iViZ Offering :  Penetration Testing <ul><li>On-Demand </li></ul><ul><ul><li>Anytime, Anywhere, Anyhow subscription based ...
How It Works On-Demand (Hosted) Penetration Testing service from our Security Operation Center 1 2 3 Schedule Scan Receive...
Over 60 customers use iViZ Media Telecom Financial Services Government Technology / Internet Others
iViZ Recognitions 10 Hottest start-ups (2008) Business Today is a leading business magazine in India  World Economic Forum...
Thanks www.ivizsecurity.com
iViZ – netmagic Partnership <ul><li>Complementing security portfolio </li></ul><ul><li>Value addition to clients </li></ul...
Additional Slides
Deliverables <ul><li>Online Vulnerability Management Portal (Co- Branded) </li></ul><ul><li>On Demand Penetration Testing ...
<ul><li>On Demand Testing – Unlimited Frequency. </li></ul><ul><li>Automated Vulnerability and Penetration Testing </li></...
Current Business Challenges <ul><li>Ensuring security is still a problem with heterogeneous non-integrated solutions </li>...
What Industry Analysts say.. <ul><li>IDC believes that the  only way  an organization can  know its true vulnerability ris...
Upcoming SlideShare
Loading in …5
×

IViz Technologies - Presentation at NASSCOM Product Conclave

3,585 views
3,479 views

Published on

IViz Technologies - Information Security start-up with world’s only on-demand penetration testing product

Published in: Business, Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
3,585
On SlideShare
0
From Embeds
0
Number of Embeds
1,246
Actions
Shares
0
Downloads
86
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

IViz Technologies - Presentation at NASSCOM Product Conclave

  1. 1. Penetration Testing End-To-End Automated On-Demand Network Security Testing | Application Security Testing | Compliance Reporting Bala Girisaballa Vice President, Head Products & Marketing www.ivizsecurity.com
  2. 2. About iViZ Information Security start-up with world’s only on-demand penetration testing product USPTO patent pending technology IDG Ventures Funded Over 60 customers including top companies in media, financial services, government, telecom & internet domains Global recognition by Intel, Dept. of Homeland Security, London Business School, World Economic Forum
  3. 3. Current Business Needs <ul><li>Business Continuity </li></ul><ul><ul><li>Prevent business disruption by protecting critical IT assets </li></ul></ul><ul><li>Compliance </li></ul><ul><ul><li>Manage ever growing compliance requirements </li></ul></ul><ul><li>Brand Image </li></ul><ul><ul><li>Protect brand image by ensuring security of your application & customer data </li></ul></ul>
  4. 4. Ideal Solution Penetration Testing that goes beyond simple vulnerability scanning needs to be performed frequently John Pescatore, Gartner The only way an organization can know its true vulnerability risks is to take a “hacker’s eye” approach to evaluate the effectiveness of its internal and external defenses IDC
  5. 5. Current Technology Challenges <ul><li>Ensuring security with manual testing is still a problem </li></ul><ul><ul><li>Time-intensive, effort-intensive, expensive & not scalable </li></ul></ul><ul><ul><li>Difficult to keep up with over 300 new vulnerabilities discovered / month </li></ul></ul><ul><ul><li>Low testing frequency result in outdated security baselines </li></ul></ul><ul><ul><li>Heterogeneous non-integrated solutions create testing complexity </li></ul></ul><ul><ul><li>Prone to human errors </li></ul></ul><ul><ul><li>Not comprehensive – manually finding all possible attack paths is infeasible </li></ul></ul><ul><ul><li>Ever increasing/changing compliance & regulatory requirements </li></ul></ul>
  6. 6. Multi Stage Attacks <ul><li>“ .. exploit multiple security weaknesses that individually are not critical, but in the aggregate, they allow an attacker to compromise business critical data ” </li></ul>Gartner
  7. 7. Multi Stage Attacks
  8. 8. Kevin Mitnick – renowned hacker
  9. 9. Rest of the story.. Even a hacker is not safe from hackers!
  10. 10. How does a real one look like ?
  11. 11. iViZ Technology Unique patent-pending penetration technology can simulate these scenarios
  12. 12. Unique patent-pending penetration technology can simulate these scenarios 1 Intelligent Human Hacker Attacks iViZ Technology
  13. 13. iViZ Technology Unique patent-pending penetration technology can simulate these scenarios 1 Intelligent Human Hacker Attacks 2 Replicate hackers on different machines of your network
  14. 14. iViZ Technology Unique patent-pending penetration technology can simulate these scenarios 1 Intelligent Human Hacker Attacks 2 Replicate hackers on different machines of your network 3 Attacks using community of mutually co-operating hacker agents
  15. 15. iViZ Offering : Penetration Testing <ul><li>On-Demand </li></ul><ul><ul><li>Anytime, Anywhere, Anyhow subscription based service </li></ul></ul><ul><ul><li>Round the clock protection </li></ul></ul><ul><ul><li>Zero installation & maintenance overhead </li></ul></ul><ul><ul><li>Lower cost-of-ownership </li></ul></ul><ul><li>End-To-End </li></ul><ul><ul><li>Complete security lifecycle testing </li></ul></ul><ul><ul><li>Comprehensive vulnerability management database </li></ul></ul><ul><ul><li>Prioritization and remediation of vulnerabilities </li></ul></ul><ul><ul><li>Compliance reporting </li></ul></ul><ul><ul><li>Choice of manual and automated testing to cover all possibilities </li></ul></ul><ul><li>Automatic </li></ul><ul><ul><li>Intelligent attack planning </li></ul></ul><ul><ul><li>Automated exploitation </li></ul></ul><ul><ul><li>Multi stage attack simulation </li></ul></ul><ul><ul><li>Complete automation of security lifecycle testing </li></ul></ul>
  16. 16. How It Works On-Demand (Hosted) Penetration Testing service from our Security Operation Center 1 2 3 Schedule Scan Receive Report Fix Issues
  17. 17. Over 60 customers use iViZ Media Telecom Financial Services Government Technology / Internet Others
  18. 18. iViZ Recognitions 10 Hottest start-ups (2008) Business Today is a leading business magazine in India World Economic Forum Technology Pioneers Nomination (2008) Nominated by World Economic Forum for Technology Pioneers Challenge in 2008. Top 2 in Asia (2007) Top 6 in World (2007) Short listed in Global Security Challenge 2007 sponsored and partnered by US Department of Homeland Security, London Business School and US Navy. Top 8 in the world (2006) Short listed to be amongst the world’s Top 8 contenders by Intel-UC Berkeley Technology Entrepreneurship Challenge 2006 Top 2 in India (2006) Intel and Department of Science and Technology selected iViZ among top 2 in India in India Innovation Pioneers Challenge iViZ discovers new class of vulnerability; announces in Defcon (2008) Jonathon Brossard, lead security researcher & discoverer at iViZ presents it in Defcon, world’s largest security conference at Las Vegas
  19. 19. Thanks www.ivizsecurity.com
  20. 20. iViZ – netmagic Partnership <ul><li>Complementing security portfolio </li></ul><ul><li>Value addition to clients </li></ul><ul><li>Co-branded Vulnerability Management Portal </li></ul><ul><li>Co-marketing opportunities </li></ul>
  21. 21. Additional Slides
  22. 22. Deliverables <ul><li>Online Vulnerability Management Portal (Co- Branded) </li></ul><ul><li>On Demand Penetration Testing </li></ul><ul><li>On Demand Web Application Testing </li></ul><ul><li>Unlimited Vulnerability Assessment </li></ul><ul><li>Reports Containing: </li></ul><ul><ul><li>All the Vulnerabilities Discovered </li></ul></ul><ul><ul><li>The Mitigation steps of all the Vulnerabilities </li></ul></ul><ul><ul><li>Compliance Reports </li></ul></ul><ul><ul><li>Historical Vulnerability Trend </li></ul></ul>
  23. 23. <ul><li>On Demand Testing – Unlimited Frequency. </li></ul><ul><li>Automated Vulnerability and Penetration Testing </li></ul><ul><ul><li>Exploitation </li></ul></ul><ul><ul><li>Intelligent Attack Planning </li></ul></ul><ul><ul><li>Online Vulnerability Management Portal </li></ul></ul><ul><li>Automated Web Application Testing </li></ul><ul><li>Advanced Correlation of Vulnerabilities </li></ul><ul><li>Multi Stage Attack Simulation </li></ul><ul><li>Prioritization and Remediation of Vulnerabilities </li></ul>iViZ Technology Features
  24. 24. Current Business Challenges <ul><li>Ensuring security is still a problem with heterogeneous non-integrated solutions </li></ul><ul><li>Ever increasing security complexity with over 300 new vulnerabilities per month </li></ul><ul><li>Mushrooming IT networks demanding greater protection </li></ul>
  25. 25. What Industry Analysts say.. <ul><li>IDC believes that the only way an organization can know its true vulnerability risks is to take a &quot;hacker ’ s eye&quot; approach to evaluating the effectiveness of its internal and external defenses. </li></ul><ul><ul><li>IDC </li></ul></ul><ul><li>Penetration Testing that goes beyond simple vulnerability Assessment should be performed regularly </li></ul><ul><ul><li>Gartner </li></ul></ul><ul><li>“ The software has essentially productized what used to be a costly and time-intensive professional service and was done by a select few security specialists with years of experience.” </li></ul><ul><li>IDC about automation of penetration testing </li></ul>

×