Gloriolesoft Consulting Security and Privacy Offering


Gloriolesoft Consulting Security and Privacy Offering:
Security, Enterprise Security Architecture, SOA Security, REST, Mobile Gateway Solution, IAM, GRC, Application Security, Risk and Compliance

Published in: Business, Technology

  1. Gloriolesoft Consulting
  2. Information Security Security and Privacy Identity and Access Enterprise Application Security Risk Management, Security Strategy Security Strategy, Assessment, Identity Lifecycle, and Roadmap, Secure Policy, Security Audit, SOA Security Security Guidelines and Regularity and and Architecture Procedure Compliance Cloud Security Blueprint, Design and Governance
  3. Engagement Lifecycle Assessment, Secure Secure Package Manage Planning and Strategy and Architecture Implementation Security and Budgeting Roadmap and Design and Deployment Educate 1. Infrastructure 1. Platform and 1. Sit with CXOs and 1. Architectural readiness 1. Define Governance environment detailing business blueprint 2. Deployment at Model readiness vision, strategy, 2. Architectural Preprod, Preview and 2. High level Plan, 2. SW and Hardware direction and Governance and Production estimation and licensing and roadmap Design Authority 3. UAT budgeting procurement 2. Develop strategic 3. Best practice and 4. Security Testing 3. Define delivery gate 3. Implementation Goal, benefit and guidelines, 5. Operational Readiness 4. Vendor selection Identity life Cycle ROI technology feasibility 6. Go-Live and strategic 4. Develop custom 3. Build trust and and vendor selection 7. ITSM lifecycle alignment code assess customer’s based on best fit 8. End User Training 5. Detailed program 5. Integration security posture scorecard 9. Security Awareness plan, resource 6. Static, Dynamic 4. Evaluate existing 4. Develop policies, Training, ownership and and interactive security policies, milestone. standard and security testing processes and 6. Risk and Mitigation process 7. Secure Code review standards, and plan 5. Architectural, penetration testing security architecture Decision 8. EIT, SIT 5. Establish security 6. SAD [Software 9. Audit, reporting, baseline and define Architecture and Management strategic security Design] dashboard roadmap 7. HLSD [High Level 6. Identify the Risk Solution Design] Associated with 8. LLSD [Low Level Enterprise, i.e. both solution Design] business and 9. Test Plan and Test technical risk Strategy. 10. Application Security Guidelines and Strategy 11. App and Web Security checklist
  4. Service Offering ‐ Artifacts Assurance, Managed Identity, Account Lifecycle and Application Risk, Governance, Security and Cloud Security Security Regularity Compliance Infra Security 1. Application Security 1. Develop Identity Life cycle strategy and Roadmap, Strategy and 1. Vulnerability 1. Management Security Roadmap Guidelines Management & Dashboard 2. IAM Risk assessment, Gap analysis and 2. Secure process Incident Response 2. Information Security Federation readiness. development throughout 2. Emergency Response Assessment and Audits 3. Product Evolution, Licensing strategy and SDLC and Forensic 3. Outsourcing and Third- scorecard based product recommendation 3. E2E Security Testing [ Investigation party security checks and 4. Cloud and API Gateway Security solution [ Static, Dynamic, 3. BCP/DRP – Business audits OAUTH2.0, OpenID, SAML2.0]. Interactive and Glass box Impact Analysis, DR 4. Risk Assessment, Gap 5. IAM Architecture design and technical testing] Strategy & Testing Analysis, Control Design blueprint 4. Secure policies, 4. ITSM - Continuous & Test of Operating 6. Identity Data Modeling, Migration plan guidelines and standard Application Effectiveness 7. Identity Lifecycle, Directory Services and [OWASP TOP 10, SANS Maintenance Services 5. Standards and Access Management installation, and Industry best 5. IDS, IPS, Firewall Regulatory Compliance configuration and customization practice] policy and Rule Strategy 8. Account life cycle such as User 5. Secure Code review, configuration • Sarbanes Oxley (SOX) provisioning, de-provisioning, self service coding standard and 6. Secure network design • Gramm-Leach-Bliley Act and password Management guidelines [F5, BigIP] (GLBA) 9. Federated Identity Management, Trusted 6. Design and Architecture • HIPAA Identity Solution review • Payment Card Industry 10. RBAC, Role Mapping 7. Code scanning through (PCI) standards 11. Authorization, Policy Manager, runtime Static scanning, Website • Basel II authorization and Entitlement testing and Webservice • SAS-70 12. SOA Security, Web Service Security Testing through dynamic • ISO 27001 Readiness 13. Public Key Infrastructure (PKI) scanning review and Pre 14. Smart Cards management Solution, 8. Application Vulnerability certification services 2Factor/Multifactor Authentication Assessment, Threat 15. Single Sign on, Web Single Sign On, modeling and Single Sign Off/Logout and Enterprise Penetration Testing Single On, Secure Token Services 9. Database security 16. Integration, custom adapter/connector Assessment and security development checklist for Non 17. Testing Plan and Strategy [UAT, SIT and Standard Applications E2E Functional Testing and Performance 10. Training and awareness Testing]
  5. Technology Enabler Assurance, Managed Identity, Account Lifecycle and Application Risk, Governance, Security and Cloud Security Security Regularity Compliance Infra Security Tivoli Identity Manager (TIM) Tivoli Access Manager (TAM) Rational Appscan for Source Security Information & Tivoli Access Manager For eBusiness Edition [Static] Event Management (TAMESSO) (SIEM) IBM ISS Siteprotector Tivoli Federated Identity Manager (TFIM, STS) Rational Appscan Enterprise Tivoli Directory Server (TDS) & Directory Edition [Interactive and IDS, IPS Tivoli Security Operations Integrator (TDI) Dynamic] Manager & Consul InSight Tivoli Security Policy Manager Rational Appscan Standard Oracle Identity Manager (OIM) ArcSight Enterprise Security Edition [Dynamic and Oracle Access Manager (OAM) Manager Glassbox] Oracle Entitlement Server (OES) Oracle Identity Directory and Oracle Virtual NetIQ Security Manager Directory (OID, OVD) CA Security Command Center CA Identity Manager / Access control / Single Fortify Software sign-on SPI Dynamics Vulnerability & Threat CA SiteMinder, CA SSO, CA Identity Novell NSure Identity Manager, Access Management Manager and Federation Solution IBM Internet Scanner Software RSA Access Manager RSA Federated Identity Manager IBM Proventia Network Microsoft ILM, UAM, TMG Enterprise Scanner Microsoft ADFS Ping Identity and Federation Service IBM Proventia Management SiteProtector WebSphere DataPower CA Vulnerability Manager Apigee Gateway Appliance Layer 7