iViZ Security : On Demand Penetration Testing


Published on

Are you looking for a reliable penetration testing solution? Contact iViZ Security that provides on demand penetration testing solution for proactive security risk management. Our penetration tests are comprehensive,reliable to keep a computer system or networks safe from various malicious attacks.

Published in: Business, Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

iViZ Security : On Demand Penetration Testing

  1. 1. Overview Presentation On Demand Penetration Testing Application | Networks | Compliance Reporting www.iViZsecurity.com An IDG Ventures Company
  2. 2. <ul><li>Today’s Security Challenges </li></ul><ul><li>iViZ Value Proposition </li></ul><ul><li>Solution Details </li></ul><ul><li>iViZ Profile </li></ul>Contents Private & Confidential | iViZ
  3. 3. About iViZ <ul><li>Industry’s first On Demand Penetration Testing Company for web applications, networks and compliance reporting </li></ul><ul><li>Funded by IDG Ventures , a 4 Billion USD US venture capital fund which has funded companies like Netscape, Myspace, Baidu, F5 etc. </li></ul><ul><li>Patent Pending technology to simulate a human hacker which has won worldwide recognition from US Dept. of Homeland Security, Intel, World Economic Forum, Red Herring, London Business School etc. </li></ul><ul><li>In-house research team discovered new vulnerabilities in different products of Microsoft, Intel, IBM, Adobe, AVG, McAfee etc. </li></ul><ul><li>Widely adopted by customers like Sony, Oracle, Tata, CNN IBN, CNBC, Fiat, ING etc. </li></ul>Private & Confidential | iViZ
  4. 4. Today’s Security Challenges Private & Confidential | iViZ
  5. 5. Security Challenges Businesses Face Today Business Continuity <ul><ul><li>Prevent business disruption by protecting critical IT assets </li></ul></ul>Compliance Management Brand Protection <ul><ul><li>Manage Ever Growing Compliance Requirements PCI, ISO, HIPAA </li></ul></ul><ul><ul><li>Ensure Safety Of Your Application & Confidential Customer Data </li></ul></ul>
  6. 6. Security Snapshot 7400 New vulnerabilities discovered in 2008 92% Vulnerabilities can be exploited remotely >55% Vulnerabilities affect web applications. If you add custom applications, this figure will be far higher 74% Vulnerabilities did not have vendor patches by end of 2008 SQL injection exploitations per day . (#1 vulnerability) Increased from few thousands per day last year Source: Gartner, CERT, Security Trends & Risk Report 2008 75% Attacks are tunneled through web applications (Gartner) 100,000+
  7. 7. Even Secure Organizations Are Not Safe!
  8. 8. Multi-Stage Attacks Are Harder To Detect Attacks Are Getting Complex Attack Entry Critical Server Non-Critical Server
  9. 9. The Solution Private & Confidential | iViZ
  10. 10. Proactive Regular Security Testing Penetration Testing Ensures You Are Safe Regular proactive Penetration Testing is needed to augment defensive security monitoring measures such as firewalls, IDS, IPS etc., especially in light of the rising level of targeted attacks
  11. 11. Current Approach Has Gaps Private & Confidential | iViZ
  12. 12. Private & Confidential | iViZ
  13. 13. Private & Confidential | iViZ On Demand Vulnerability Management Portal Application Penetration Testing Business logic verification Specialized Testing For Web 2.0 Technologies (AJAX, JavaScript, Flash, ActiveX etc.,) Coverage for all 26 classes of WASC vulnerabilities & OWASP Top 10 Network Penetration Testing Multi-Stage Attack Simulation Coverage for CVE / NVDB / SANS Top 20 vulnerabilities Automated Exploitation And False Positives Elimination as well as data leakage detection PCI Compliance Reporting PCI Compliance Checklist PCI-DSS quarterly scanning Auto fill data from test results Expert analysis along with automated scanning ISO, SOX Compliant Reporting iViZ On Demand Security Solution
  14. 14. Customer Applications/Network Internet Internet Private & Confidential | iViZ iViZ Vulnerability Mgmt Portal Customer Log in Schedule Scan iViZ Scanners iViZ Vulnerability Mgmt Portal Report + Vulnerability Dashboard Internet Test over secure connection Customer Customer How does it work? iViZ Scanners iViZ Scanners
  15. 15. Private & Confidential | iViZ Superior Coverage Security Test Coverage
  16. 16. Benefits On Demand Regular Security Testing Coverage Online Vulnerability Management Portal Periodic Security Test Scheduling Comprehensive Detection Of All Possible Attack Paths Unique Multi-Stage Attack Simulation Technology Cost-Effective High Security ROI Pay-As-You-Go Quarterly Subscriptions Zero Tools / Infrastructure Overheads Hybrid Testing : Automated + Expert Testing
  17. 17. On Demand Portal Screenshots On Demand Scan Scheduling Historical Trend Analysis Vulnerability Analytics
  18. 18. On Demand Metrics Threat Analysis
  19. 19. Threats & Remediation Report includes threat details & remediation recommendations
  20. 20. About iViZ Private & Confidential | iViZ
  21. 21. Strong research team discovered new vulnerabilities in Microsoft, Intel, HP, Lenovo, McAfee and several others Funded by USD 4 Billion IDG Ventures (whose portfolio include Netscape and MySpace) About iViZ Private & Confidential | iViZ Information Security company with world’s only on-demand penetration testing solution using unique patent pending technology Over 1200 successful tests done for major global brands Global recognitions by Intel, US Dept. of Homeland Security, London Business School, World Economic Forum
  22. 22. Top 2 in Asia / Top 6 in World Top 100 in Asia Top 8 in World Top 4 Emerging Company Innovative Company Finalist Top 10 Hottest Startups Top 2 in India 2007 2008 2006 2009 2008 2006 Global Recognitions for Technology Private & Confidential | iViZ
  23. 23. Hard Disk Encryption BIOS Antivirus iViZ Vulnerability Research has discovered security vulnerabilities in the following products F-Prot version 4.6.8, Sophos SAVScan 4.33.0, AVG for Linux version 7.5.51, Avast for Workstations v1.0.8, Bitdefender for GNU/Linux version 7.60825, ClamAV 0.93.3 Microsoft Bitlocker/Vista (SP0), SafeBoot Device Encryption v4, Build 4750 and below Hewlett-Packard 68DTT Ver. F.0D, Intel Corp PE94510M.86A.0050.2007.0710.1559, Lenovo 7CETB5WW v2.05 iViZ Follows Responsible Disclosure Policy: 1) Private vendor disclosure 2) Vendor coordinated public disclosure 3) No public proof of concept One Step ahead of Hackers: iViZ discoveries Private & Confidential | iViZ
  24. 24. IDG Ventures invests $ 2.5 Mil to Enable iViZ Expand Operations iViZ Solutions Aim to Put Hackers Out of Work 10 Hottest Start-ups Keeping a digital vigil Encrypting hard disk is not safe. New vulnerability discovered by iViZ affects Microsoft, Intel, HP and Others New vulnerability discovered by iViZ affects Microsoft, Intel, HP and Others iViZ Research widely cited in over 1000 Media Private & Confidential | iViZ
  25. 25. Due to Non-disclosure Policy, other client names cannot be displayed here Customers Across Broad Industries Private & Confidential | iViZ
  26. 26. Thank You [email_address] Private & Confidential | iViZ www.iViZsecurity.com An IDG Ventures Company
  27. 27. Acronym List & Glossary <ul><li>PCI – Payment Card Industry </li></ul><ul><li>ISO – International Standards Organization </li></ul><ul><li>HIPAA – Health Insurance Portability & Accountability Act </li></ul><ul><li>CERT – Computer Emergency Response Team </li></ul><ul><li>IDS – Intrusion Detection System </li></ul><ul><li>IPS – Intrusion Prevention System </li></ul><ul><li>WASC – Web Application Security Consortium </li></ul><ul><li>OWASP – Online Web Application Security Project </li></ul><ul><li>AJAX – Asynchronous JavaScript and XML </li></ul><ul><li>CVE – Common Vulnerabilities and Exposures </li></ul><ul><li>NVD – National Vulnerabilities Database </li></ul><ul><li>SANS – SysAdmin, Audit, Network, Security Institute </li></ul><ul><li>URL – Uniform Resource Locator </li></ul><ul><li>IP – Internet Protocol Address </li></ul><ul><li>BIOS – Binary Input Output System </li></ul>Listed in the order of appearance