SlideShare a Scribd company logo

Understanding ITG Functions and Services

S
shiriskumar

Business and Technology Dept. fusion session.

Business
1 of 18
AUDITime Information Systems (India) Pvt. Ltd. Understanding ITG Functions
Topics ▪ ITG Services Offered ▪ Services Explained ▪ Web Site & Web Application ▪ Server: Internal Vulnerability Assessment ▪ White-Box, Grey-Box & Black-Box ▪ Network Device ▪ Mobile Application – Vulnerability Assessment ▪ General IS Audit ▪ Questionaries for Customer Engagement ▪ Standard Technical Proposal Format for different ITG Services
ITG Services Offered ▪ End to end IT Infrastructure Audit ▪ Application Functional / Security Audit including Mobile Apps. ▪ Network Security Audit including wireless security ▪ Gap Analysis for iSO 27001-2013 ▪ Consultancy for implementation of iSO 27001-2013 ▪ Business Continuity ? DR Plan process Audit ▪ Business Impact Analysis ▪ CTCL Audits ▪ Process Audits ▪ Data Centre Audits ▪ VAPT Services ▪ Website Security audits ▪ STQC Audits include application security, VAPT, Audit as per CVC Guidelines, ISO 27001
Application Security / Functionality Audits ▪ Different Types of applications ▪ Non-web based ▪ Web based ▪ Mobile based ▪ Non web based are like Finacle at present. Done with manual methods ▪ Web based like internet Banking ▪ Mobile based like mobile banking ▪ Except non web all require the methodology of VAPT from tools apart from manual methods.
Standards / bench marks used ▪ ISO 27001-2013 ▪ COBIT ▪ OWASP Top 10 vulnerabilities ▪ Mobile OWASP Guidelines ▪ CIS Bench Marks
Application explained
Web Application (DYNAMIC) A web application is defined by its interaction with the user. It depends on interaction and requires programmatic user input and data processing. For example: Mail, Search Engine, Login – based application.
Web Application - Example Login Application Internet Banking App. Mail / Chat App. E-Commerce App. E-Tendering App.
Website (usually STATIC) A website is defined by its content. It can plausibly consist of a static content repository that's dealt out to all visitors. For example: News site, Informational portal.
Website - Example Informational Sites News Site
Black, Grey and white Box Testing
Mobile Application Vulnerability Assessment & Penetration Testing
Mobile Platforms iOS Android Blackberry Windows
Server : Internal Vulnerability Assessment
Internal VAPT Servers and network devices are the components of Internal VAPT Exercise. We can do internal VA at Client Location or through VPN Access We require Admin credentials for thorough vulnerability assessment of the scope device. Configuration files are analysed in network Device VA. Nessus tool is used apart from other open source tools such as Nmap.
Network Devices • Switch • Router • Firewall • Intrusion Prevention System • Intrusion Detection System
Server (over VPN)
Thank You

Recommended

Telecom Management Services India
Telecom Management Services IndiaTelecom Management Services India
Telecom Management Services IndiaFlight Case
 
Fundamental Aspects of Security Testing
Fundamental Aspects of Security TestingFundamental Aspects of Security Testing
Fundamental Aspects of Security Testingbquriousindia
 
Middleware final
Middleware finalMiddleware final
Middleware finalAnkit Anand
 
[APIdays Singapore 2019] Managing the API lifecycle with Open Source Technolo...
[APIdays Singapore 2019] Managing the API lifecycle with Open Source Technolo...[APIdays Singapore 2019] Managing the API lifecycle with Open Source Technolo...
[APIdays Singapore 2019] Managing the API lifecycle with Open Source Technolo...WSO2
 
Secure Elements in Web Applications
Secure Elements in Web ApplicationsSecure Elements in Web Applications
Secure Elements in Web ApplicationsOlivier Potonniée
 
Why upgrade your MFA to Adaptive Authentication?
Why upgrade your MFA to Adaptive Authentication?Why upgrade your MFA to Adaptive Authentication?
Why upgrade your MFA to Adaptive Authentication?WSO2
 
Cybersecurity: More than A DoD Issue
Cybersecurity: More than A DoD IssueCybersecurity: More than A DoD Issue
Cybersecurity: More than A DoD IssueRobert E Jones
 
[WSO2Con EU 2018] Identity APIs is the New Black
[WSO2Con EU 2018] Identity APIs is the New Black[WSO2Con EU 2018] Identity APIs is the New Black
[WSO2Con EU 2018] Identity APIs is the New BlackWSO2
 

Recommended

Telecom Management Services India
Telecom Management Services IndiaTelecom Management Services India
Telecom Management Services IndiaFlight Case
 
Fundamental Aspects of Security Testing
Fundamental Aspects of Security TestingFundamental Aspects of Security Testing
Fundamental Aspects of Security Testingbquriousindia
 
Middleware final
Middleware finalMiddleware final
Middleware finalAnkit Anand
 
[APIdays Singapore 2019] Managing the API lifecycle with Open Source Technolo...
[APIdays Singapore 2019] Managing the API lifecycle with Open Source Technolo...[APIdays Singapore 2019] Managing the API lifecycle with Open Source Technolo...
[APIdays Singapore 2019] Managing the API lifecycle with Open Source Technolo...WSO2
 
Secure Elements in Web Applications
Secure Elements in Web ApplicationsSecure Elements in Web Applications
Secure Elements in Web ApplicationsOlivier Potonniée
 
Why upgrade your MFA to Adaptive Authentication?
Why upgrade your MFA to Adaptive Authentication?Why upgrade your MFA to Adaptive Authentication?
Why upgrade your MFA to Adaptive Authentication?WSO2
 
Cybersecurity: More than A DoD Issue
Cybersecurity: More than A DoD IssueCybersecurity: More than A DoD Issue
Cybersecurity: More than A DoD IssueRobert E Jones
 
[WSO2Con EU 2018] Identity APIs is the New Black
[WSO2Con EU 2018] Identity APIs is the New Black[WSO2Con EU 2018] Identity APIs is the New Black
[WSO2Con EU 2018] Identity APIs is the New BlackWSO2
 
[APIdays Singapore 2019] API Management in a Istio Service Mesh with WSO2 API...
[APIdays Singapore 2019] API Management in a Istio Service Mesh with WSO2 API...[APIdays Singapore 2019] API Management in a Istio Service Mesh with WSO2 API...
[APIdays Singapore 2019] API Management in a Istio Service Mesh with WSO2 API...WSO2
 
PLNOG 9: Pavel Minarik - Network Traffic & Security Monitoring in Examples
PLNOG 9: Pavel Minarik - Network Traffic & Security Monitoring in Examples PLNOG 9: Pavel Minarik - Network Traffic & Security Monitoring in Examples
PLNOG 9: Pavel Minarik - Network Traffic & Security Monitoring in Examples PROIDEA
 
Design & Secure Your Connected Product
Design & Secure Your Connected ProductDesign & Secure Your Connected Product
Design & Secure Your Connected ProductMohamad CHEHADI
 
Supporting your remote clients with bomgar
Supporting your remote clients with bomgarSupporting your remote clients with bomgar
Supporting your remote clients with bomgarGary Wilhelm
 
Develop and/or Secure your IoT project, see how MU-Electronics can help you
Develop and/or Secure your IoT project, see how MU-Electronics can help youDevelop and/or Secure your IoT project, see how MU-Electronics can help you
Develop and/or Secure your IoT project, see how MU-Electronics can help youMohamad CHEHADI
 
Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applicationskanimozhin
 
Secure element content
Secure element contentSecure element content
Secure element contentManjula Weerasinghe
 
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...WSO2
 
PCI Virtual Terminals - The Easy Way
PCI Virtual Terminals - The Easy WayPCI Virtual Terminals - The Easy Way
PCI Virtual Terminals - The Easy WayBoyd Aaron Sigmon, GCIH
 
The New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityThe New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityPrecisely
 
Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019Derek Banks
 
PCI-DSS v3.0 - What you need to know
PCI-DSS v3.0 - What you need to knowPCI-DSS v3.0 - What you need to know
PCI-DSS v3.0 - What you need to knowBarry Shteiman
 
CNIT 128 7: Mobile Device Management
CNIT 128 7: Mobile Device ManagementCNIT 128 7: Mobile Device Management
CNIT 128 7: Mobile Device ManagementSam Bowne
 
DIGITAL TOLL TAX SYSTEM
DIGITAL TOLL TAX SYSTEMDIGITAL TOLL TAX SYSTEM
DIGITAL TOLL TAX SYSTEMAmitSaha123
 
Logincat MFA and SSO
Logincat MFA and SSOLogincat MFA and SSO
Logincat MFA and SSORohit Kapoor
 
BIG-IP Edge Gateway
BIG-IP Edge GatewayBIG-IP Edge Gateway
BIG-IP Edge GatewayDSorensenCPR
 
ERP Security. Myths, Problems, Solutions
ERP Security. Myths, Problems, SolutionsERP Security. Myths, Problems, Solutions
ERP Security. Myths, Problems, SolutionsERPScan
 
E-Signature Basics and Innovation
E-Signature Basics and InnovationE-Signature Basics and Innovation
E-Signature Basics and InnovationeSignLive by VASCO
 
Architect a Winning Mobile Application
Architect a Winning Mobile ApplicationArchitect a Winning Mobile Application
Architect a Winning Mobile ApplicationTechWell
 
Architecting SaaS
Architecting SaaSArchitecting SaaS
Architecting SaaSAxEdge Consulting
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
Securing Apache Web Servers
Securing Apache Web ServersSecuring Apache Web Servers
Securing Apache Web ServersInformation Technology
 

More Related Content

What's hot

[APIdays Singapore 2019] API Management in a Istio Service Mesh with WSO2 API...
[APIdays Singapore 2019] API Management in a Istio Service Mesh with WSO2 API...[APIdays Singapore 2019] API Management in a Istio Service Mesh with WSO2 API...
[APIdays Singapore 2019] API Management in a Istio Service Mesh with WSO2 API...WSO2
 
PLNOG 9: Pavel Minarik - Network Traffic & Security Monitoring in Examples
PLNOG 9: Pavel Minarik - Network Traffic & Security Monitoring in Examples PLNOG 9: Pavel Minarik - Network Traffic & Security Monitoring in Examples
PLNOG 9: Pavel Minarik - Network Traffic & Security Monitoring in Examples PROIDEA
 
Design & Secure Your Connected Product
Design & Secure Your Connected ProductDesign & Secure Your Connected Product
Design & Secure Your Connected ProductMohamad CHEHADI
 
Supporting your remote clients with bomgar
Supporting your remote clients with bomgarSupporting your remote clients with bomgar
Supporting your remote clients with bomgarGary Wilhelm
 
Develop and/or Secure your IoT project, see how MU-Electronics can help you
Develop and/or Secure your IoT project, see how MU-Electronics can help youDevelop and/or Secure your IoT project, see how MU-Electronics can help you
Develop and/or Secure your IoT project, see how MU-Electronics can help youMohamad CHEHADI
 
Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applicationskanimozhin
 
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...WSO2
 
The New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityThe New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityPrecisely
 
Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019Derek Banks
 
PCI-DSS v3.0 - What you need to know
PCI-DSS v3.0 - What you need to knowPCI-DSS v3.0 - What you need to know
PCI-DSS v3.0 - What you need to knowBarry Shteiman
 
CNIT 128 7: Mobile Device Management
CNIT 128 7: Mobile Device ManagementCNIT 128 7: Mobile Device Management
CNIT 128 7: Mobile Device ManagementSam Bowne
 
DIGITAL TOLL TAX SYSTEM
DIGITAL TOLL TAX SYSTEMDIGITAL TOLL TAX SYSTEM
DIGITAL TOLL TAX SYSTEMAmitSaha123
 
Logincat MFA and SSO
Logincat MFA and SSOLogincat MFA and SSO
Logincat MFA and SSORohit Kapoor
 
BIG-IP Edge Gateway
BIG-IP Edge GatewayBIG-IP Edge Gateway
BIG-IP Edge GatewayDSorensenCPR
 
ERP Security. Myths, Problems, Solutions
ERP Security. Myths, Problems, SolutionsERP Security. Myths, Problems, Solutions
ERP Security. Myths, Problems, SolutionsERPScan
 
E-Signature Basics and Innovation
E-Signature Basics and InnovationE-Signature Basics and Innovation
E-Signature Basics and InnovationeSignLive by VASCO
 
Architect a Winning Mobile Application
Architect a Winning Mobile ApplicationArchitect a Winning Mobile Application
Architect a Winning Mobile ApplicationTechWell
 

What's hot (20)

[APIdays Singapore 2019] API Management in a Istio Service Mesh with WSO2 API...
[APIdays Singapore 2019] API Management in a Istio Service Mesh with WSO2 API...[APIdays Singapore 2019] API Management in a Istio Service Mesh with WSO2 API...
[APIdays Singapore 2019] API Management in a Istio Service Mesh with WSO2 API...
 
PLNOG 9: Pavel Minarik - Network Traffic & Security Monitoring in Examples
PLNOG 9: Pavel Minarik - Network Traffic & Security Monitoring in Examples PLNOG 9: Pavel Minarik - Network Traffic & Security Monitoring in Examples
PLNOG 9: Pavel Minarik - Network Traffic & Security Monitoring in Examples
 
Design & Secure Your Connected Product
Design & Secure Your Connected ProductDesign & Secure Your Connected Product
Design & Secure Your Connected Product
 
Supporting your remote clients with bomgar
Supporting your remote clients with bomgarSupporting your remote clients with bomgar
Supporting your remote clients with bomgar
 
Develop and/or Secure your IoT project, see how MU-Electronics can help you
Develop and/or Secure your IoT project, see how MU-Electronics can help youDevelop and/or Secure your IoT project, see how MU-Electronics can help you
Develop and/or Secure your IoT project, see how MU-Electronics can help you
 
Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applications
 
Secure element content
Secure element contentSecure element content
Secure element content
 
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
 
PCI Virtual Terminals - The Easy Way
PCI Virtual Terminals - The Easy WayPCI Virtual Terminals - The Easy Way
PCI Virtual Terminals - The Easy Way
 
The New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityThe New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and Security
 
Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019
 
PCI-DSS v3.0 - What you need to know
PCI-DSS v3.0 - What you need to knowPCI-DSS v3.0 - What you need to know
PCI-DSS v3.0 - What you need to know
 
CNIT 128 7: Mobile Device Management
CNIT 128 7: Mobile Device ManagementCNIT 128 7: Mobile Device Management
CNIT 128 7: Mobile Device Management
 
DIGITAL TOLL TAX SYSTEM
DIGITAL TOLL TAX SYSTEMDIGITAL TOLL TAX SYSTEM
DIGITAL TOLL TAX SYSTEM
 
Logincat MFA and SSO
Logincat MFA and SSOLogincat MFA and SSO
Logincat MFA and SSO
 
BIG-IP Edge Gateway
BIG-IP Edge GatewayBIG-IP Edge Gateway
BIG-IP Edge Gateway
 
ERP Security. Myths, Problems, Solutions
ERP Security. Myths, Problems, SolutionsERP Security. Myths, Problems, Solutions
ERP Security. Myths, Problems, Solutions
 
E-Signature Basics and Innovation
E-Signature Basics and InnovationE-Signature Basics and Innovation
E-Signature Basics and Innovation
 
Architect a Winning Mobile Application
Architect a Winning Mobile ApplicationArchitect a Winning Mobile Application
Architect a Winning Mobile Application
 
Architecting SaaS
Architecting SaaSArchitecting SaaS
Architecting SaaS
 

Viewers also liked

Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
Network architecture
Network architectureNetwork architecture
Network architectureOnline
 
OTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTOTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTshiriskumar
 

Viewers also liked (9)

Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
 
Securing Apache Web Servers
Securing Apache Web ServersSecuring Apache Web Servers
Securing Apache Web Servers
 
Osi model 7 Layers
Osi model 7 LayersOsi model 7 Layers
Osi model 7 Layers
 
Network architecture
Network architectureNetwork architecture
Network architecture
 
Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0
 
OTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTOTG - Practical Hands on VAPT
OTG - Practical Hands on VAPT
 
VAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant maliVAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant mali
 
Denial of Service Attacks
Denial of Service AttacksDenial of Service Attacks
Denial of Service Attacks
 
OSI Model
OSI ModelOSI Model
OSI Model
 

Similar to Understanding ITG Functions and Services

Information Security Audit Consultant
Information Security Audit ConsultantInformation Security Audit Consultant
Information Security Audit Consultantdcs HH
 
Eit corporate presentation
Eit corporate presentationEit corporate presentation
Eit corporate presentationEitpresentation
 
Eit corporate presentation
Eit corporate presentationEit corporate presentation
Eit corporate presentationEitpresentation
 
Eit corporate presentation
Eit corporate presentationEit corporate presentation
Eit corporate presentationeitwork
 
How to Ensure High-Performing Microsoft .NET Applications
How to Ensure High-Performing Microsoft .NET ApplicationsHow to Ensure High-Performing Microsoft .NET Applications
How to Ensure High-Performing Microsoft .NET ApplicationseG Innovations
 
Innovate 2013 session 1243 mobile testing.v3
Innovate 2013 session 1243 mobile testing.v3Innovate 2013 session 1243 mobile testing.v3
Innovate 2013 session 1243 mobile testing.v3Leigh Williamson
 
Going Mobile at a Glance - Do you need to build from scratch?
Going Mobile at a Glance - Do you need to build from scratch?Going Mobile at a Glance - Do you need to build from scratch?
Going Mobile at a Glance - Do you need to build from scratch?Cronos Mobile
 
End to-End Monitoring for ITSM and DevOps
End to-End Monitoring for ITSM and DevOpsEnd to-End Monitoring for ITSM and DevOps
End to-End Monitoring for ITSM and DevOpseG Innovations
 
GDPR Compliance Countdown - Is your Application environment ready?
GDPR Compliance Countdown - Is your Application environment ready?GDPR Compliance Countdown - Is your Application environment ready?
GDPR Compliance Countdown - Is your Application environment ready?QualiQuali
 
GOUSE_BAIG_DOTNET_5Yrs
GOUSE_BAIG_DOTNET_5YrsGOUSE_BAIG_DOTNET_5Yrs
GOUSE_BAIG_DOTNET_5YrsGouse Baig
 
Appmotives - Software Testing As Service
Appmotives - Software Testing As ServiceAppmotives - Software Testing As Service
Appmotives - Software Testing As ServiceKalyan Paluri
 
Tech Talk #5 : USING NEWRELIC IN MOBILE DEVELOPMENT -Phan Đình Thái
Tech Talk #5 : USING NEWRELIC IN MOBILE DEVELOPMENT -Phan Đình Thái Tech Talk #5 : USING NEWRELIC IN MOBILE DEVELOPMENT -Phan Đình Thái
Tech Talk #5 : USING NEWRELIC IN MOBILE DEVELOPMENT -Phan Đình Thái Nexus FrontierTech
 
Aplication data security compliances
Aplication data security compliancesAplication data security compliances
Aplication data security compliancesAhmadi Madi
 
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdfImprove_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdfمنیزہ ہاشمی
 
Getting Started With ThousandEyes Proof of Concepts: End User Digital Experience
Getting Started With ThousandEyes Proof of Concepts: End User Digital ExperienceGetting Started With ThousandEyes Proof of Concepts: End User Digital Experience
Getting Started With ThousandEyes Proof of Concepts: End User Digital ExperienceThousandEyes
 
iBorg Sales pitch deck brief.pptx
iBorg Sales pitch deck brief.pptxiBorg Sales pitch deck brief.pptx
iBorg Sales pitch deck brief.pptxSomyaTomar8
 
Getting Started with ThousandEyes Proof of Concepts
Getting Started with ThousandEyes Proof of ConceptsGetting Started with ThousandEyes Proof of Concepts
Getting Started with ThousandEyes Proof of ConceptsThousandEyes
 

Similar to Understanding ITG Functions and Services (20)

Information Security Audit Consultant
Information Security Audit ConsultantInformation Security Audit Consultant
Information Security Audit Consultant
 
Eit corporate presentation
Eit corporate presentationEit corporate presentation
Eit corporate presentation
 
Eit corporate presentation
Eit corporate presentationEit corporate presentation
Eit corporate presentation
 
Eit corporate presentation
Eit corporate presentationEit corporate presentation
Eit corporate presentation
 
How to Ensure High-Performing Microsoft .NET Applications
How to Ensure High-Performing Microsoft .NET ApplicationsHow to Ensure High-Performing Microsoft .NET Applications
How to Ensure High-Performing Microsoft .NET Applications
 
Innovate 2013 session 1243 mobile testing.v3
Innovate 2013 session 1243 mobile testing.v3Innovate 2013 session 1243 mobile testing.v3
Innovate 2013 session 1243 mobile testing.v3
 
Going Mobile at a Glance - Do you need to build from scratch?
Going Mobile at a Glance - Do you need to build from scratch?Going Mobile at a Glance - Do you need to build from scratch?
Going Mobile at a Glance - Do you need to build from scratch?
 
End to-End Monitoring for ITSM and DevOps
End to-End Monitoring for ITSM and DevOpsEnd to-End Monitoring for ITSM and DevOps
End to-End Monitoring for ITSM and DevOps
 
GDPR Compliance Countdown - Is your Application environment ready?
GDPR Compliance Countdown - Is your Application environment ready?GDPR Compliance Countdown - Is your Application environment ready?
GDPR Compliance Countdown - Is your Application environment ready?
 
GOUSE_BAIG_DOTNET_5Yrs
GOUSE_BAIG_DOTNET_5YrsGOUSE_BAIG_DOTNET_5Yrs
GOUSE_BAIG_DOTNET_5Yrs
 
Appmotives - Software Testing As Service
Appmotives - Software Testing As ServiceAppmotives - Software Testing As Service
Appmotives - Software Testing As Service
 
Tech Talk #5 : USING NEWRELIC IN MOBILE DEVELOPMENT -Phan Đình Thái
Tech Talk #5 : USING NEWRELIC IN MOBILE DEVELOPMENT -Phan Đình Thái Tech Talk #5 : USING NEWRELIC IN MOBILE DEVELOPMENT -Phan Đình Thái
Tech Talk #5 : USING NEWRELIC IN MOBILE DEVELOPMENT -Phan Đình Thái
 
AshishShrivastava_Capgemini
AshishShrivastava_CapgeminiAshishShrivastava_Capgemini
AshishShrivastava_Capgemini
 
Aplication data security compliances
Aplication data security compliancesAplication data security compliances
Aplication data security compliances
 
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdfImprove_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
 
MoizChhatriwalaPotrfolio
MoizChhatriwalaPotrfolioMoizChhatriwalaPotrfolio
MoizChhatriwalaPotrfolio
 
Vamsi_Resume_Latest
Vamsi_Resume_LatestVamsi_Resume_Latest
Vamsi_Resume_Latest
 
Getting Started With ThousandEyes Proof of Concepts: End User Digital Experience
Getting Started With ThousandEyes Proof of Concepts: End User Digital ExperienceGetting Started With ThousandEyes Proof of Concepts: End User Digital Experience
Getting Started With ThousandEyes Proof of Concepts: End User Digital Experience
 
iBorg Sales pitch deck brief.pptx
iBorg Sales pitch deck brief.pptxiBorg Sales pitch deck brief.pptx
iBorg Sales pitch deck brief.pptx
 
Getting Started with ThousandEyes Proof of Concepts
Getting Started with ThousandEyes Proof of ConceptsGetting Started with ThousandEyes Proof of Concepts
Getting Started with ThousandEyes Proof of Concepts
 

Recently uploaded

MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLSeo
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...rajveerescorts2022
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.Aaiza Hassan
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataExhibitors Data
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxAndy Lambert
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Roland Driesen
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Servicediscovermytutordmt
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...amitlee9823
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdfRenandantas16
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...lizamodels9
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyEthan lee
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangaloreamitlee9823
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...Paul Menig
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Dave Litwiller
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsP&CO
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityEric T. Tung
 

Recently uploaded (20)

MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors Data
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pillsMifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
Mifty kit IN Salmiya (+918133066128) Abortion pills IN Salmiyah Cytotec pills
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 

Understanding ITG Functions and Services

  • 1. AUDITime Information Systems (India) Pvt. Ltd. Understanding ITG Functions
  • 2. Topics ▪ ITG Services Offered ▪ Services Explained ▪ Web Site & Web Application ▪ Server: Internal Vulnerability Assessment ▪ White-Box, Grey-Box & Black-Box ▪ Network Device ▪ Mobile Application – Vulnerability Assessment ▪ General IS Audit ▪ Questionaries for Customer Engagement ▪ Standard Technical Proposal Format for different ITG Services
  • 3. ITG Services Offered ▪ End to end IT Infrastructure Audit ▪ Application Functional / Security Audit including Mobile Apps. ▪ Network Security Audit including wireless security ▪ Gap Analysis for iSO 27001-2013 ▪ Consultancy for implementation of iSO 27001-2013 ▪ Business Continuity ? DR Plan process Audit ▪ Business Impact Analysis ▪ CTCL Audits ▪ Process Audits ▪ Data Centre Audits ▪ VAPT Services ▪ Website Security audits ▪ STQC Audits include application security, VAPT, Audit as per CVC Guidelines, ISO 27001
  • 4. Application Security / Functionality Audits ▪ Different Types of applications ▪ Non-web based ▪ Web based ▪ Mobile based ▪ Non web based are like Finacle at present. Done with manual methods ▪ Web based like internet Banking ▪ Mobile based like mobile banking ▪ Except non web all require the methodology of VAPT from tools apart from manual methods.
  • 5. Standards / bench marks used ▪ ISO 27001-2013 ▪ COBIT ▪ OWASP Top 10 vulnerabilities ▪ Mobile OWASP Guidelines ▪ CIS Bench Marks
  • 7. Web Application (DYNAMIC) A web application is defined by its interaction with the user. It depends on interaction and requires programmatic user input and data processing. For example: Mail, Search Engine, Login – based application.
  • 8. Web Application - Example Login Application Internet Banking App. Mail / Chat App. E-Commerce App. E-Tendering App.
  • 9. Website (usually STATIC) A website is defined by its content. It can plausibly consist of a static content repository that's dealt out to all visitors. For example: News site, Informational portal.
  • 11. Black, Grey and white Box Testing
  • 13. Mobile Platforms iOS Android Blackberry Windows
  • 15. Internal VAPT Servers and network devices are the components of Internal VAPT Exercise. We can do internal VA at Client Location or through VPN Access We require Admin credentials for thorough vulnerability assessment of the scope device. Configuration files are analysed in network Device VA. Nessus tool is used apart from other open source tools such as Nmap.
  • 16. Network Devices • Switch • Router • Firewall • Intrusion Prevention System • Intrusion Detection System