Uploaded bySushantGautam10
2,347 views

Organization And Management Case Study Report, (IOE, TU)

The document discusses cybersecurity software development at LogPoint, a company focused on security information and event management (SIEM). It provides an overview of LogPoint's products, services, organizational structure, and use of agile software development methodology. LogPoint's main product is a SIEM tool that provides advanced threat detection, security monitoring, and incident response capabilities. The company uses an agile approach like Scrum for software development, with sprints, daily stand-ups, and emphasis on customer collaboration and feedback.

Embed presentation

NATIONAL COLLEGE OF ENGINEERING Talchhikhel, Lalitpur A Case Study Report on “Cybersecurity Software development at LogPoint” Submitted by Sushant Gautam Submitted to Associate Professor IOE, Shyam Krishna Joshi DEPARTMENT OF SCIENCE AND HUMANITIES February, 02
i ACKNOWLEDGEMENT I would like to thanks our Organization and Mangement subject Teacher Shyam Krishna Joshi for his brudent suggestions and motivation to initiate this case study. I would heartily thanks to Ms. Barsha Bista, HR Manager of LogPoint for providing the detail information about the company. We would be grateful to Er.Sarina Dangol, Project Manager for providing the details about software development methodology in LogPoint.We would also like to thanks all the staffs and developers of the LogPoint Nepal Pvt. Ltd. for their kind support on our study. Finally yet importantly, we would like to thanks for Er. Prabin Silwal coordinating to organization visit and all the friends and teachers who directly and indirectly help to make this case study fruitful.
ii TABLE OF CONTENTS Acknowledgement................................................................................................................i Table Of Contents................................................................................................................ii 1 Introduction .................................................................................................................1 1.1 What is SIEM (Security Information and Event Management)?...........................1 1.2 Types of Cyber Attack...........................................................................................2 1.2.1 Phising Attack .................................................................................................2 1.2.2 Insider Threats.................................................................................................2 1.2.3 Denial of Service (DOS) .................................................................................2 1.2.4 Malware...........................................................................................................2 1.2.5 Weak Credentials ............................................................................................3 1.3 Vision Of the Company: ........................................................................................3 2 Products and Services of Logpoint..............................................................................4 2.1 Critical Capabilities of LogPoint ...........................................................................4 2.1.1 Advanced threat detection...............................................................................4 2.1.2 Security Monitoring ........................................................................................4 2.1.3 Investigation and Incident Response...............................................................5 3 Organizational Structure..............................................................................................5 3.1 Functional Structure of LogPoint...........................................................................6 4 Personnel Management ...............................................................................................7 4.1 Job Selection and Recruitment Process .................................................................7 4.2 Wage and Salary Structure.....................................................................................8
iii 4.3 Performance Appraisals.........................................................................................9 5 Motivation ...................................................................................................................9 6 IMPLEMENTATION OF AGILE SOFTWARE DEVELOPMENT AT LogPoint.11 7 Management Information System .............................................................................17 8 Conclusion.................................................................................................................19 9 Sugesstion..................................................................................................................20 References .........................................................................................................................21
1 | P a g e 1 INTRODUCTION LogPoint Nepal pvt. Ltd. is cybersecurity, data security enterprise software development company. LogPoint is headquartered in Copenhagen, Denmark, introduced its SIEM solution to the market in 2008 called LogPoint, and has since experienced continuous growth. The company name and product name LogPoint is same. In 2012 Series, Danish ICT specialist investor DICO, who will remain as an investor, provided a funding. The Company is Located at Steel Tower, third floor, Jawalakhel, Lalitpur, Nepal. It is focused on next generation security information and event management (SIEM) and big data analytics platform. The present CEO of this company is experienced female Nepali IT- engineer, Mona Nyachhyon her excellence is in Scrum and Agile Software Development at LogPoint. First the concept of LogPoint is introduce by the TU IOE student since 2005 and Danish investment foundation provide investment to fully implement that concept into reality. LogPoint Software Company is popularly known by their SIEM tool, which is a high performing, and easy-to-use solution for security information and event management (SIEM). It major focus on Improvement, Development, Sales of the product called LogPoint beside that other custom software is not built by it. 1.1 What is SIEM (Security Information and Event Management)? A security information and event management (SIEM) solution is a central tool in the risk management toolkit. A great SIEM tool allows businesses to improve threat detection and response by providing real-time data analysis, early detection of data breaches, data collection, data storage and accurate data reporting. Today’s next-gen SIEM solutions enable your company to react quickly and precisely in the event of a threat or data leak.As described in the SIEM definition above, a next-gen SIEM solution provides management, integration, correlation, and analysis in one place,
2 | P a g e making it easier to monitor and troubleshoot the IT infrastructure in real time. Without a SIEM solution, a security analyst must go through millions of non-comparable data stored in “silos” for each hardware, software, and security source. In short, one can define SIEM as a solution standing for simplicity. 1.2 Types of Cyber Attack 1.2.1 Phising Attack Phishing email attacks are untargeted, mass emails sent to many recipients that are meant to acquire sensitive information (e.g. password, username or bank details). With this information, a hacker can perform a data breach. It’s difficult to spot a phishing email because it’s disguised as a trustworthy entity that prompts a recipient to visit a malicious website. Spear-phishing is a more targeted form of cyber An email is designed to look like it’s been sent from a person the recipient knows or trusts. Senior management or privileged account owners are often the target of spear-phishing attacks. 1.2.2 Insider Threats Employees orchestrate an emerging method common in many recent data breaches, internal cybersecurity threats. Insider threats can be unintentional (an employee who falls victim to a phishing attack) or malicious (a disgruntled employee deliberately extracting data). Regardless, a data breach from the inside is especially difficult to detect. 1.2.3 Denial of Service (DOS) These cyberattacks occur when a hacker floods a website with more traffic than it can handle. As a result, legitimate users are denied access to the services, resulting in costly downtime of employees or users. Distributed denial of service (DDoS) attacks utilize a botnet – a group of compromised computers or IoT devices. Botnets can look like legitimate traffic, making it difficult to distinguish normal from malicious traffic. 1.2.4 Malware Among the most common cybersecurity threats, malware refers to multiple forms of harmful software executed when a user mistakenly downloads it. Some of the most recent
3 | P a g e cybersecurity breaches involved malware, including the ransomware attacks WannaCry and Petya/NotPetya. Traditional malware such as viruses, Trojans and backdoors also remain persistent. 1.2.5 Weak Credentials Privileged accounts can be compromised when credentials are misused or reused. A hacker can use what appears to be a legitimate web application to retrieve the credentials from an unknowing employee. Subsequently, the hacker gains access to sensitive information and can either breach or lock data (ransomware) for financial benefit. Especially damaging, it’s tempting for employees to use the same password across systems. Reusing credentials on multiple systems makes it easy for the hacker to move around in your infrastructure. 1.3 Vision Of the Company: LogPoint main vision is to building on cybersecurity expertise, empower organization to achieve digital transformation simpy and safely. The missions of the company are:  Accelerating their customer’s ability to safely build, manage and transform their businesses, in a complex world.  Provide cybersecurity automation and analytics that create contextual awareness to support security, compliance, operations, and business decisions.  Create the difference by their services on the Client work.  Provide a great SIEM tool, which allows businesses to improve threat detection and response, by providing real-time data analysis, early detection of data breaches, data collection, data storage and accurate data reporting.
4 | P a g e 2 PRODUCTS AND SERVICES OF LOGPOINT LogPoint is a software company that focus on Improvement, Development, Sales of the main product called LogPoint beside that other custom software is not built by it. It add feature on the cybersecurity whenever the business needs of client increases. The main services are:  It receive the trouble tickets of clients to overcome the issues of client. Mostly there customers are from Europe.  Provide a great SIEM tool, which allows businesses to improve threat detection and response, by providing real-time data analysis, early detection of data breaches, data collection, data storage and accurate data reporting.  Introduce next generation SIEM tool capability of future threats prediction, early warning to the business organization etc. 2.1 Critical Capabilities of LogPoint According to Gartner, there are three main areas where a next-gen SIEM solution should excel – advanced threat detection, security monitoring, investigation, and incident response. They had said that their SIEM delivers excellent results in each of those areas. 2.1.1 Advanced threat detection LogPoint’s SIEM tool, advanced threat detection is executed in real time and over long periods of time, allowing analysis and reporting of trends and behaviors of entities and users within the organization. 2.1.2 Security Monitoring LogPoint is an effective log management tool, allowing for basic security monitoring and is often used for compliance reporting and real-time monitoring of security controls. LogPoint meets basic threat detection, compliance auditing and reporting requirements. Popular use cases among our customers for basic security monitoring covers a broad range of security sources, including:  Perimeter and network devices  Endpoint agents
5 | P a g e  Critical applications  Other infrastructure components 2.1.3 Investigation and Incident Response Capability of AI and Data Science present inside the LogPoint tool investigate any fraud activities of user during using it. The system self learn from mistake and identify irrelevant activites and quick response to the system administratot. 3 ORGANIZATIONAL STRUCTURE LogPoint is global company pioneer to provide security services to its clients. LogPoint has maintained a logical hierarchy of management committee. Committee manage the organization as a whole. The organization is properly managed and structured so that all the activities can be carried out much more efficiently and effectively. Being multinational company with it’s headquater based on Denmark. The organization is Single ownership organization invested by Denish Investment foundation. It’s customers are primarily security services mainly on Europe and along in United States, India and Nepal. The Organization has a hybrid type of structure. Though it can be summed up to be a Figure 2-1Block Diagram of Structure of LogPoint
6 | P a g e hierarchical structure. One president who control whole organization branch all over the world. Then CEO is of 2-3 layers . The sales and customer support is handle by Sales and Marketing Department which is mainly located on Europe alongside in United States. Board of directors based on all lower level suggestion makes the organization policy, new plan. All the management activities are controlled and coordinated by the manager. As a LogPoint is a big company, such that many manager respective of their department are allocated which has their own individual authority and responsibility. In order to assist senior manager, engineering manager and project managers are employed. There is senior developer in which around 5 junior developer work under it. 3.1 Functional Structure of LogPoint The functional structure comprises of units that are necessary for the organization to operate fully. To make scalable and fully operate it has 4 sections which has it’s own responsibilty and authority: Sales and Marketing Section: This department is mainly responsible for sale of the product and services to the clients, plan to give discount for users, search for partnership of product, tabulate market needs and prepare report about the new clients need associated in next product. Security Service Section: Focus on security related issues of the product, what are the security services should the product give and validate the quality of services given by it. Developer Section: Main concern about developing the product, features and implement clients changing requirements and to take the product in new level. Project Manager, Senior and Junior developer work together to make it happen. Quality Assurance Testing team also belong to it.
7 | P a g e Management and Admin Section: Rest of the employees are working in the administration and the management section. 4 PERSONNEL MANAGEMENT 4.1 Job Selection and Recruitment Process LogPoint pvt. Ltd Nepal has currently about 200 employees working for the organization and it does have the aim of expanding the organization so that it can provide employment to more than 300 staff. There are different levels of employees in this organization. The level 1 are interns. For the intake of interns in the organization, written exams for the internship applicants is conducted. Additionally, the candidates have to appear in two interviews of which the best ones are selected. LogPoint opens job vacancy based on client’s demands, to increase services, product improvement. Job selection and recruiting process by LogPoint is done in three steps: 1 First, the job vacancy is posted in “Workable” – UK Software, mainly in Mero Job Protal, sometimes directly search from linkedIn and circulate to the internal employee. The employee get bonus if he/she recommend the best candidate for the work. 2 The interested one drop the CV, personal information to the organizational webpage, where HR head currently Ms. Barsha Bista, analyze their information, if seem to be capable then, send the invitation for interview. 3 Interview process is done in two phase: 1.1Technical phase: The technical team related to work, arise the question about how it is sound about technology, security related queries etc. This phase describe person technical skills related to the work.
8 | P a g e 1.2Management: The management team take interview and ask about at least 2 years of dedication of his/her work in LogPoint, where his/her management skills are tested, interest to work in Logpoint, future plan and can’t give 2 years of dedication then at that time interviewer is rejected. Finally, if employee is capable then ready to begin with training. The employee of related department give 3 months of training to understand how the work happen here, about product features, services and his/her responsibility. To be said that most competent, well knowledge about programming, Data structures and algorithm, security in internet person are highly recommend in LogPoint for developer. 4.2 Wage and Salary Structure According to HR Manager, LogPoint has hierarchial distributed Salary structure based on the post and work of employees. The Direct Compensation includes salary based on work. LogPoint also provides indirect compensation including health insurance of employee including his/her family, retirement allowance etc. Job Post Interview Analyse and Select for Interview Search from LinkedIn Internal empolyee recommendation Decision Job TrainingOK? Invitation Figure 4-1Job Recruitment Process of Logpoint
9 | P a g e 4.3 Performance Appraisals LogPoint hires new employee based on needs of their clients, product improvement. The new employeee, existing employee performance appraisals is on Annual Basis. In Annual Basis, the employee post might get upgrade with his salary based on his/her contribution towards the work.Extra bonus is given for excellence performance. In addition, the fun trip is also provided for the good work. Company also provide advance trainning related to the work to upgrade the good employee skill collaboration with LogPoint Head Office of Denmark. 5 MOTIVATION Motivation is a set of forces that directs an individual to the behavior that results in better job performance. A motivated employee might work harder the expected to complete the task, proactively find ways to mprove the qulity and efficienty of the work environment. LogPoint is leading company in cybersecurity products globally and board members are concerned with motivation of employee. LogPoint has also tried its best to motivated its employees through building silent and cool environment which helps to work in peaceful mind. The different departments and owes its own working space and work in a team. For Example, Security department team manage security issues arise in product whereas data analyst team perform analysis of data. The employees are provided with sports facilities like basketball, table tennis, badminton etc. Company has set up a canteen for the staffs and provide hygienic 3 times meal. For some employees working late night, company offers transportation service and drop them to their home. Others company features for motivation of employee are:  The new empolyee get salary provision according to New Labour ACT and company policy.
10 | P a g e  Consider sick leaves about 3-4 days in a month.  Medical Insurance of employee and his/her family also.  They also organize training and seminars from time to time to sharpen the skills among the employees  Two times retreat in every year as hiking and excursion visits in a periodic way to build strong teams among the employees and get relax.  For Individual Fun of employee, separate fund is allocated, and provided for them quarterly.  Annual performance appraisal and salary increment . We found friendly co-workers and helpful people around the office. Facility provided by the company is awesome. Research and developvement are highly appreciated at the company. So, we found that company is aware of need of motivation for the employees and they are applying different techniques for the employees motivation.
11 | P a g e 6 IMPLEMENTATION OF AGILE SOFTWARE DEVELOPMENT AT LOGPOINT LogPoint is officially certifiy, uses the Agile (Scrum) software development methodology. The company is focused on Customer satisfaction by rapid delivery of user requirements and handle the changed requirement. Managers make sprint for each task in which each sprint can be of 1 week - 2 weeks. The scrum methodology at LogPoint is explain under these headings: Roles: There are three core roles and other auxiliary roles often regard as mediatory role. Core Roles: The core roles are those committed to the project in the Scrum process—they are the ones producing the product (objective of the project). They represent the scrum team. Product Owner: The core role of Product owner is gather requirements of clients, Market study and research about the new version what should it be. The Product Owner represents the stakeholders and is the voice of the customer. He or she is Accountable for ensuring that the team delivers value to the business. The Product Owner writes customer-centric items (typically user stories), prioritizes them, and adds them to the product backlog. Project Manager: Project Manager is the head of the project handover in the organization. The main task are:  Formulate Plan  Tabulate Milestones: o Manage number of resources  to complete in given time.
12 | P a g e  High Level Estimate : Prepare WBS in terms of hours.  Prioritze the work make sure that every developer, Lead architect, QA work properly and integrately.  Team Motivation, Leading and Time Management for every task. Development Team: The Development Team is responsible for delivering potentially shippable product increments at the end of each Sprint. The development team of 4-10 are choose as an unit combine of Lead Architect, Developer, Quality Assurance team and Documentation team. .The Development Team in Scrum is self-organizing, even though they may interface with project management organizations (PMOs).Scrum Master Scrum is facilitated by a Scrum Master, who is accountable for removing impediments to the ability of the team to deliver the sprint goal/deliverables. The Scrum Master is not the team leader, but acts as a buffer between the team and any distracting influences. A key part of the Scrum Master’s role is to protect the Development Team and keep it focused on the tasks at hand. The role has also been referred to as a servant-leader to reinforce these dual perspectives. The Scrum Master differs from a Project Manager in that the latter may have people management responsibilities unrelated to the role of Scrum Master. Lead Architect Developer QA Doc 10 people = 1 unit Figure 6-1Development Team In LogPoint
13 | P a g e Meetings: The different meetings in the scrum methodology at LogPoint explain as: Daily Scrum: At LogPoint, a daily scrum meeting of all the teams is held at the round table. Each day during the sprint, a project team communication meeting occurs. This is called a daily scrum, or the daily standup. The meeting has specific guidelines: 1. All members of the development Team come prepared with the updates for the meeting. 2. The meeting starts precisely on time even if some development team members are missing. 3. The meeting should happen at the same location and same time every day. 4. The meeting length is set (time boxed) to around 15 minutes All are welcome, but normally only the core roles speak during the meeting, each team member answers three questions: 1. What have I done since yesterday? 2. What are I plann to do today? 3. What are the hinderances/obstacles occur in that? Any hinderances/obstacles block identified in this meeting is documented by the Scrum Master and worked towards resolution outside of this meeting. No detailed discussions shall happen in this meeting Backlog grooming: Storytime In every sprint, it is happen once. In one month maximum 8 hours Backlog grooming happens. Main objective of that is to define exceptation criteria, and how to achieve is discussed in it. The team should spend time during a sprint doing product backlog grooming. This is the process of estimating the existing backlog using effort/points,
14 | P a g e refining the acceptance criteria for individual stories, and breaking larger stories into smaller stories. Meeting does not include breaking stories into tasks. The team can decide how many meetings are needed per week depending upon the task they are doing. The method used at LogPoint is the planning poker. Scrum of Scrums: This is held each day normally after the Daily Scrum. These meetings allow clusters of teams to discuss their work, focusing especially on areas of overlap and integration. A designated person from each team attends. The agenda will be the same as the Daily Scrum, plus the following four questions: 1. What has your team done since we last met? 2. What will your team do before we meet again? 3. Is anything slowing your team down or getting in their way? 4. Are you about to put something in another team’s way? Sprint Planning meeting: At the beginning of the sprint cycle (every 7–30 days), a “Sprint planning meeting” is held. What work to be done is first selected. Then the Sprint Backlog is prepared that details the time it will take to do that work, with the entire team. Identification of how much of the work is likely to be done during the current sprint is done. At the end of a sprint cycle, two meetings are held: the “Sprint Review Meeting” and the “Sprint Retrospective”. Sprint review meeting: In this meeting the work that was completed and not completed are reviewed. The completed work is presented to the stakeholders (a.k.a. “the demo”). But incomplete work are not demonstrated. Four-hour time limit is set up for this meeting. For backtrack what had done to achieve milestone. This see on process focused.
15 | P a g e Sprint retrospective: All team members reflect on the past sprint. Make continuous process improvements. Two main questions are asked in the sprint retrospective: 1. What went well during the sprint? 2. What could be improved in the next sprint? Three-hour time limit. This meeting is facilitated by the ScrumMaster. The no. of sprints depends on the type of project that is being developed. The length of the project can range from a no. of days days, weeks to months. Project Environments: A project has 4 environments – Development, Testing, UAT and Production. Development Environment: This is where the software is developed. LogPoint works as security services which are cirtical things. Manily used as JAVA, Python for development. The selenium tool is used for Good code clarification, clean code practice. Bit Bucket is used for version Management. Testing Environment: After the application was developed to an agreed stage, it is released to the testing environment. This is where the testers ensures the quality of the application, open bugs and review bug fixes. The final developed code is passed from the selenium software where it validates all organization standard to make production ready. From that the automatic modules are dispatch and gets hosted on different particular server.
16 | P a g e User Acceptance Test Environment (UAT): The software is then moved from internal testing to client testing. This is where the client- testers verify the quality of the application and send issues if there are any this is also where the client assesses the application and can request changes to better fit his requirements. Production Environment: This is where the application goes out to the world and become production Agile Testing at LogPoint: Testing is not considered a separate phase, but an integral part of software development, along with coding. Agile teams use a "whole-team" approach to "baking quality in" to the software product. Testers on agile teams lend their expertise in eliciting examples of desired behavior from customers, collaborating with the development team to turn those into executable specifications that guide coding. Testing and coding are done incrementally and iteratively, building up each feature until it provides enough value to release to production. Quality of Software very important. A product goes thorough various phases of quality tests. If any software doesn't pass the quality check, it is then returned backed to the development environment and the quality is ensured. Jenkins tool is used to build Auto Continous Integration and Continous Deployment (CICD). Overall process is based on Test Driven Development (TDD).
17 | P a g e 7 MANAGEMENT INFORMATION SYSTEM The use and importance of data is growing exponentially at the current time. Every organizations have huge amount of data to process. These data may be the information about the organization or the information needed for the organization. The information adds value to organizations, as well as, it helps organizations to survive among intensive competition. Therefore, organizations need information for management. Management Information System, commonly referred as MIS is basically computer systems in an enterprise that provide information about its business operations. It's also used to refer to the people who manage these systems. Typically, in a large corporation, "MIS" or the "MIS department" refers to a central or centrally-coordinated system of computer expertise and management, also including, by extension the corporation's entire network of computer resources. Today, the term is used broadly in a number of contexts and includes (but is not limited to): decision support systems, resource and people management applications, project management, and database retrieval applications. MIS compound of theories of computer science and management science. These theories build system and program utilization. Normally, MIS are integrated systems of users and machines (computers) with aiming to provide organizations’ information for operation, management and decision- making. These systems use computer hardware and software. Furthermore, MIS are used to collect and cumulate data from several sources both internal and external organization for processing and arranging information. Therefore, executives or users can apply it for making decision and other management. MIS In LogPoint: We have asked to the Senior Project Manager about the management of information in LogPoint and he gave us the brief idea about it and its implementation in the organization. LogPoint works to make cybersecurity, business data security products which are highly
18 | P a g e sensitive so they have to assure that the security of information is maintained. It stores all the business activites of the client who are using their product and analyse it and able to predict the fraud activites held on their business process. But this information is not seen to the internal employees. None of the employee is allowed to take the information to their home and also the information is not stored in the personal computers. For attendance, a finger print machine is set-up at the entrance. Employee should enter their finger on the machine for attendance. They have their own HR management tool. It tracks how many days employee worked, went to leave, his/her educational details, trainings conducted, fresher to work in their organization.
19 | P a g e 8 CONCLUSION From our case study, we have concluded that software development in Nepal is in a progressive phase. LogPoint is the leading company to build security products and provide securtiy services of world class. LogPoint is also has been providing lots of contribution in the development of software in Nepal. It has become the global certified company for agile scrum work. The personnel management at LogPoint is of top class, which has helped in recruiting talented employees as well as sharpening the talents of employees at Deerwalk. The most of the employee are motivated and satisfied form their jobs. Being located on our developing country, LogPoint plays an incredible role on providing cybersecurity, business security which prevents the country data form unauthorized access. LogPoint is outsourcing their security product and provide services to the Europe including USA. Here in Nepal, the overall LogPoint product are made. Security is next generation needs. We have the connections all over the world, for be safe our data over the internet we need security services which are essential need for every organization, individual and even country. We have made study about cybersecurity software development in LogPoint sucessfully.
20 | P a g e 9 SUGESSTION  LogPoint also consider building other software beside the current SIEM tool to broad the company vision and its goal.  The security information and event management (SIEM) solution is a central tool in the risk management toolkit but it can be even better if it is decentralize according to region, or customer services to increase realiabilty and performance.  Providing cloud services can be even better if it can be integrate with Azure, AWS, and SalesForces services. Advice For Management:  Make the communication channel more clear and add more facilities to employees because it gives them more reason to stick around. Give training to employees so that they get better and will give output.  There is lot of room to improve the management style and motivate the employees from the development team from Nepal. Somehow the developers might need to get the training on security rather just the software development.
21 | P a g e REFERENCES [1]Organizational Structure Defination and Therory “http://www.businessdictionary.com/definition/organizational-structure.html” [2] A Guide to the Project Management Body of Knowledge (PMBOK® Guide) — Sixth Edition and Agile Practice Guide (ENGLISH)

More Related Content

PPTX
Definition of cloud computing
byGOVERNMENT COLLEGE OF ENGINEERING,TIRUNELVELI
 
PPT
SOA Unit I
byDileep Kumar G
 
PDF
Cloud service lifecycle management
byAnimesh Chaturvedi
 
PPTX
Chapter 06: cloud computing trends
bySsendiSamuel
 
PPTX
Fundamental cloud security
byAsmaa Ibrahim
 
PPTX
Networking in cloud computing
byBarani Tharan
 
PDF
Artificial Intelligence Question Bank
bySpardhavijetha2DrKMs
 
ODP
Debian general presentation
byDing Zhou
 
Definition of cloud computing
byGOVERNMENT COLLEGE OF ENGINEERING,TIRUNELVELI
 
SOA Unit I
byDileep Kumar G
 
Cloud service lifecycle management
byAnimesh Chaturvedi
 
Chapter 06: cloud computing trends
bySsendiSamuel
 
Fundamental cloud security
byAsmaa Ibrahim
 
Networking in cloud computing
byBarani Tharan
 
Artificial Intelligence Question Bank
bySpardhavijetha2DrKMs
 
Debian general presentation
byDing Zhou
 

What's hot

PPTX
Steganography Project
byJitu Choudhary
 
PPTX
student database management system
byMd. Riadul Islam
 
PDF
E learning project report (Yashraj Nigam)
byYashraj Nigam
 
DOCX
Gym Management System User Manual
byDavid O' Connor
 
DOCX
Sequence Diagram of Hotel Management System
bySushil Mishra
 
DOCX
Online attendance management system
byDeepankar Sandhibigraha
 
PDF
Implementation Model
byFáber D. Giraldo
 
DOC
Online Attendance Management System
byRIDDHICHOUHAN2
 
PDF
Steganography final report
byABHIJEET KHIRE
 
PPTX
Online event management system
byRamakrishnareddy8554
 
PPTX
Wireless network security
byShahid Beheshti University
 
PPTX
Steganography
byMayank Saxena
 
PDF
Employee Management System in C++
byJayant Gope
 
PPTX
Security services and mechanisms
byRajapriya82
 
PPTX
Dual Layer Security Of Data Using LSB Image Steganography And AES Encryption ...
byBikash Chandra Prusty
 
PPTX
Steganography
byJosh Kumar
 
PPTX
Placement Cell project
byManish Kumar
 
PDF
IMAGE STEGANOGRAPHY JAVA PROJECT SYNOPSIS
byShivam Porwal
 
RTF
Project report-on-student-information-management-system-php-mysql
byRaj Sharma
 
PPT
Steganography
byShankar Murthy
 
Steganography Project
byJitu Choudhary
 
student database management system
byMd. Riadul Islam
 
E learning project report (Yashraj Nigam)
byYashraj Nigam
 
Gym Management System User Manual
byDavid O' Connor
 
Sequence Diagram of Hotel Management System
bySushil Mishra
 
Online attendance management system
byDeepankar Sandhibigraha
 
Implementation Model
byFáber D. Giraldo
 
Online Attendance Management System
byRIDDHICHOUHAN2
 
Steganography final report
byABHIJEET KHIRE
 
Online event management system
byRamakrishnareddy8554
 
Wireless network security
byShahid Beheshti University
 
Steganography
byMayank Saxena
 
Employee Management System in C++
byJayant Gope
 
Security services and mechanisms
byRajapriya82
 
Dual Layer Security Of Data Using LSB Image Steganography And AES Encryption ...
byBikash Chandra Prusty
 
Steganography
byJosh Kumar
 
Placement Cell project
byManish Kumar
 
IMAGE STEGANOGRAPHY JAVA PROJECT SYNOPSIS
byShivam Porwal
 
Project report-on-student-information-management-system-php-mysql
byRaj Sharma
 
Steganography
byShankar Murthy
 

Similar to Organization And Management Case Study Report, (IOE, TU)

PPTX
Logpoint Presentation SIEM Presentation Slide
byandisusanto47
 
PPTX
Logpoint Presentation SIEM Presentation Slides
byandisusanto47
 
PPTX
Logpoint Presentation SIEM Presentation slide
byandisusanto47
 
PPTX
Logpoint Presentation SIEM Presentation Slide
byandisusanto47
 
PDF
Maceo Wattley Contributor Infosec
byDr. Maceo D. Wattley
 
PDF
Cybersecurity Series SEIM Log Analysis
byJim Kaplan CIA CFE
 
PPTX
Security Information and Event Management (SIEM)
byk33a
 
PDF
Guide to high volume data sources for SIEM
byJoseph DeFever
 
PPTX
Splunk for Security Breakout Session
bySplunk
 
PDF
Security - intelligence - maturity-model-ciso-whitepaper
byCMR WORLD TECH
 
PDF
The SIEM Buyer Guide the siem buyer guide
byroongrus
 
PPTX
Cyber Security Needs and Challenges
byHappiest Minds Technologies
 
PPTX
SIEM - Your Complete IT Security Arsenal
byManageEngine EventLog Analyzer
 
PPTX
Big Data Analytics for Cyber Security: A Quick Overview
byFemi Ashaye
 
PPTX
Cybersecurity and digital Security fundamentals for students
byyogenderjalal2000
 
PPTX
SplunkLive! - Splunk for Security
bySplunk
 
PPTX
Beginner's Guide to SIEM
byAlienVault
 
PDF
Wc4
bySaid Wali
 
PDF
A Pragmatic Approach to SIEM: Buy for Compliance, Use for Security
byTripwire
 
PPTX
Introduction to SIEM.pptx
byneoalt
 
Logpoint Presentation SIEM Presentation Slide
byandisusanto47
 
Logpoint Presentation SIEM Presentation Slides
byandisusanto47
 
Logpoint Presentation SIEM Presentation slide
byandisusanto47
 
Logpoint Presentation SIEM Presentation Slide
byandisusanto47
 
Maceo Wattley Contributor Infosec
byDr. Maceo D. Wattley
 
Cybersecurity Series SEIM Log Analysis
byJim Kaplan CIA CFE
 
Security Information and Event Management (SIEM)
byk33a
 
Guide to high volume data sources for SIEM
byJoseph DeFever
 
Splunk for Security Breakout Session
bySplunk
 
Security - intelligence - maturity-model-ciso-whitepaper
byCMR WORLD TECH
 
The SIEM Buyer Guide the siem buyer guide
byroongrus
 
Cyber Security Needs and Challenges
byHappiest Minds Technologies
 
SIEM - Your Complete IT Security Arsenal
byManageEngine EventLog Analyzer
 
Big Data Analytics for Cyber Security: A Quick Overview
byFemi Ashaye
 
Cybersecurity and digital Security fundamentals for students
byyogenderjalal2000
 
SplunkLive! - Splunk for Security
bySplunk
 
Beginner's Guide to SIEM
byAlienVault
 
Wc4
bySaid Wali
 
A Pragmatic Approach to SIEM: Buy for Compliance, Use for Security
byTripwire
 
Introduction to SIEM.pptx
byneoalt
 

Recently uploaded

PPTX
Value engineering and cost analysis with case study
byhp9879098082
 
PDF
Weak Incentives (WINK): The Agent Definition Layer
byAndrei Savu
 
PDF
Shear Strength of Soil (Direct shear test).pdf
byMahmoodKhalid11
 
PDF
Module 4 python programming-1BPLCK105B-2025 by Dr.SV.pdf
bySURESHA V
 
PDF
Ericsson 6230 Training Module Document.pdf
byMd Bellal Hossain
 
PPTX
How Does LNG Regasification Work | INOXCVA
byINOXCVA
 
PDF
Computer Graphics Fundamentals (v0p1) - DannyJiang
byDanny Jiang
 
PPTX
ME3592 - Metrology and Measurements - Unit - 1 - Lecture Notes
bypprakash21252
 
PDF
Unit-I Process Management 1.9 Scheduling Criteria, Scheduling Algorithms
bySanjay Gunjal
 
PDF
Basics of Electronics Task by Vivaan Jo Varghese.pdf
byVivaan Jo Varghese
 
PDF
Soil Compressibility (Elastic Settlement).pdf
byMahmoodKhalid11
 
PDF
NS unit wise unit wise 1 -5 so prepare,.
bykumaransudhan1512
 
PDF
engineering management chapter 5 ppt presentation
byericaangelatoledo06
 
PPTX
Presentation-WPS Office.pptx afgouvhyhgfccf
byEndaleTimerga
 
PDF
Role of Training and Development in Enhancing Safety Performance in Opencast ...
byRathin Biswas
 
PPTX
Designing Work for Humans, Not Machines: Human-Centered Maintenance Excellence
byMaintWiz Technologies Private Limited
 
PDF
Computer Network Lab Manual ssit -kavya r.pdf or Computer Network Lab Manual ...
bykavya R
 
PPT
Oracle Advanced subquery and types of subquery
bytejaswinikulkarni549
 
PDF
Enhancing optical fiber communication systems using repetition coding for imp...
byMouweffeqBouregaa
 
PDF
Model QP 2025 scheme Q &A- Module 1 and 2.pdf
bySURESHA V
 
Value engineering and cost analysis with case study
byhp9879098082
 
Weak Incentives (WINK): The Agent Definition Layer
byAndrei Savu
 
Shear Strength of Soil (Direct shear test).pdf
byMahmoodKhalid11
 
Module 4 python programming-1BPLCK105B-2025 by Dr.SV.pdf
bySURESHA V
 
Ericsson 6230 Training Module Document.pdf
byMd Bellal Hossain
 
How Does LNG Regasification Work | INOXCVA
byINOXCVA
 
Computer Graphics Fundamentals (v0p1) - DannyJiang
byDanny Jiang
 
ME3592 - Metrology and Measurements - Unit - 1 - Lecture Notes
bypprakash21252
 
Unit-I Process Management 1.9 Scheduling Criteria, Scheduling Algorithms
bySanjay Gunjal
 
Basics of Electronics Task by Vivaan Jo Varghese.pdf
byVivaan Jo Varghese
 
Soil Compressibility (Elastic Settlement).pdf
byMahmoodKhalid11
 
NS unit wise unit wise 1 -5 so prepare,.
bykumaransudhan1512
 
engineering management chapter 5 ppt presentation
byericaangelatoledo06
 
Presentation-WPS Office.pptx afgouvhyhgfccf
byEndaleTimerga
 
Role of Training and Development in Enhancing Safety Performance in Opencast ...
byRathin Biswas
 
Designing Work for Humans, Not Machines: Human-Centered Maintenance Excellence
byMaintWiz Technologies Private Limited
 
Computer Network Lab Manual ssit -kavya r.pdf or Computer Network Lab Manual ...
bykavya R
 
Oracle Advanced subquery and types of subquery
bytejaswinikulkarni549
 
Enhancing optical fiber communication systems using repetition coding for imp...
byMouweffeqBouregaa
 
Model QP 2025 scheme Q &A- Module 1 and 2.pdf
bySURESHA V
 

Organization And Management Case Study Report, (IOE, TU)

  • 1.
    NATIONAL COLLEGE OFENGINEERING Talchhikhel, Lalitpur A Case Study Report on “Cybersecurity Software development at LogPoint” Submitted by Sushant Gautam Submitted to Associate Professor IOE, Shyam Krishna Joshi DEPARTMENT OF SCIENCE AND HUMANITIES February, 02
  • 2.
    i ACKNOWLEDGEMENT I would liketo thanks our Organization and Mangement subject Teacher Shyam Krishna Joshi for his brudent suggestions and motivation to initiate this case study. I would heartily thanks to Ms. Barsha Bista, HR Manager of LogPoint for providing the detail information about the company. We would be grateful to Er.Sarina Dangol, Project Manager for providing the details about software development methodology in LogPoint.We would also like to thanks all the staffs and developers of the LogPoint Nepal Pvt. Ltd. for their kind support on our study. Finally yet importantly, we would like to thanks for Er. Prabin Silwal coordinating to organization visit and all the friends and teachers who directly and indirectly help to make this case study fruitful.
  • 3.
    ii TABLE OF CONTENTS Acknowledgement................................................................................................................i TableOf Contents................................................................................................................ii 1 Introduction .................................................................................................................1 1.1 What is SIEM (Security Information and Event Management)?...........................1 1.2 Types of Cyber Attack...........................................................................................2 1.2.1 Phising Attack .................................................................................................2 1.2.2 Insider Threats.................................................................................................2 1.2.3 Denial of Service (DOS) .................................................................................2 1.2.4 Malware...........................................................................................................2 1.2.5 Weak Credentials ............................................................................................3 1.3 Vision Of the Company: ........................................................................................3 2 Products and Services of Logpoint..............................................................................4 2.1 Critical Capabilities of LogPoint ...........................................................................4 2.1.1 Advanced threat detection...............................................................................4 2.1.2 Security Monitoring ........................................................................................4 2.1.3 Investigation and Incident Response...............................................................5 3 Organizational Structure..............................................................................................5 3.1 Functional Structure of LogPoint...........................................................................6 4 Personnel Management ...............................................................................................7 4.1 Job Selection and Recruitment Process .................................................................7 4.2 Wage and Salary Structure.....................................................................................8
  • 4.
    iii 4.3 Performance Appraisals.........................................................................................9 5Motivation ...................................................................................................................9 6 IMPLEMENTATION OF AGILE SOFTWARE DEVELOPMENT AT LogPoint.11 7 Management Information System .............................................................................17 8 Conclusion.................................................................................................................19 9 Sugesstion..................................................................................................................20 References .........................................................................................................................21
  • 5.
    1 | Pa g e 1 INTRODUCTION LogPoint Nepal pvt. Ltd. is cybersecurity, data security enterprise software development company. LogPoint is headquartered in Copenhagen, Denmark, introduced its SIEM solution to the market in 2008 called LogPoint, and has since experienced continuous growth. The company name and product name LogPoint is same. In 2012 Series, Danish ICT specialist investor DICO, who will remain as an investor, provided a funding. The Company is Located at Steel Tower, third floor, Jawalakhel, Lalitpur, Nepal. It is focused on next generation security information and event management (SIEM) and big data analytics platform. The present CEO of this company is experienced female Nepali IT- engineer, Mona Nyachhyon her excellence is in Scrum and Agile Software Development at LogPoint. First the concept of LogPoint is introduce by the TU IOE student since 2005 and Danish investment foundation provide investment to fully implement that concept into reality. LogPoint Software Company is popularly known by their SIEM tool, which is a high performing, and easy-to-use solution for security information and event management (SIEM). It major focus on Improvement, Development, Sales of the product called LogPoint beside that other custom software is not built by it. 1.1 What is SIEM (Security Information and Event Management)? A security information and event management (SIEM) solution is a central tool in the risk management toolkit. A great SIEM tool allows businesses to improve threat detection and response by providing real-time data analysis, early detection of data breaches, data collection, data storage and accurate data reporting. Today’s next-gen SIEM solutions enable your company to react quickly and precisely in the event of a threat or data leak.As described in the SIEM definition above, a next-gen SIEM solution provides management, integration, correlation, and analysis in one place,
  • 6.
    2 | Pa g e making it easier to monitor and troubleshoot the IT infrastructure in real time. Without a SIEM solution, a security analyst must go through millions of non-comparable data stored in “silos” for each hardware, software, and security source. In short, one can define SIEM as a solution standing for simplicity. 1.2 Types of Cyber Attack 1.2.1 Phising Attack Phishing email attacks are untargeted, mass emails sent to many recipients that are meant to acquire sensitive information (e.g. password, username or bank details). With this information, a hacker can perform a data breach. It’s difficult to spot a phishing email because it’s disguised as a trustworthy entity that prompts a recipient to visit a malicious website. Spear-phishing is a more targeted form of cyber An email is designed to look like it’s been sent from a person the recipient knows or trusts. Senior management or privileged account owners are often the target of spear-phishing attacks. 1.2.2 Insider Threats Employees orchestrate an emerging method common in many recent data breaches, internal cybersecurity threats. Insider threats can be unintentional (an employee who falls victim to a phishing attack) or malicious (a disgruntled employee deliberately extracting data). Regardless, a data breach from the inside is especially difficult to detect. 1.2.3 Denial of Service (DOS) These cyberattacks occur when a hacker floods a website with more traffic than it can handle. As a result, legitimate users are denied access to the services, resulting in costly downtime of employees or users. Distributed denial of service (DDoS) attacks utilize a botnet – a group of compromised computers or IoT devices. Botnets can look like legitimate traffic, making it difficult to distinguish normal from malicious traffic. 1.2.4 Malware Among the most common cybersecurity threats, malware refers to multiple forms of harmful software executed when a user mistakenly downloads it. Some of the most recent
  • 7.
    3 | Pa g e cybersecurity breaches involved malware, including the ransomware attacks WannaCry and Petya/NotPetya. Traditional malware such as viruses, Trojans and backdoors also remain persistent. 1.2.5 Weak Credentials Privileged accounts can be compromised when credentials are misused or reused. A hacker can use what appears to be a legitimate web application to retrieve the credentials from an unknowing employee. Subsequently, the hacker gains access to sensitive information and can either breach or lock data (ransomware) for financial benefit. Especially damaging, it’s tempting for employees to use the same password across systems. Reusing credentials on multiple systems makes it easy for the hacker to move around in your infrastructure. 1.3 Vision Of the Company: LogPoint main vision is to building on cybersecurity expertise, empower organization to achieve digital transformation simpy and safely. The missions of the company are:  Accelerating their customer’s ability to safely build, manage and transform their businesses, in a complex world.  Provide cybersecurity automation and analytics that create contextual awareness to support security, compliance, operations, and business decisions.  Create the difference by their services on the Client work.  Provide a great SIEM tool, which allows businesses to improve threat detection and response, by providing real-time data analysis, early detection of data breaches, data collection, data storage and accurate data reporting.
  • 8.
    4 | Pa g e 2 PRODUCTS AND SERVICES OF LOGPOINT LogPoint is a software company that focus on Improvement, Development, Sales of the main product called LogPoint beside that other custom software is not built by it. It add feature on the cybersecurity whenever the business needs of client increases. The main services are:  It receive the trouble tickets of clients to overcome the issues of client. Mostly there customers are from Europe.  Provide a great SIEM tool, which allows businesses to improve threat detection and response, by providing real-time data analysis, early detection of data breaches, data collection, data storage and accurate data reporting.  Introduce next generation SIEM tool capability of future threats prediction, early warning to the business organization etc. 2.1 Critical Capabilities of LogPoint According to Gartner, there are three main areas where a next-gen SIEM solution should excel – advanced threat detection, security monitoring, investigation, and incident response. They had said that their SIEM delivers excellent results in each of those areas. 2.1.1 Advanced threat detection LogPoint’s SIEM tool, advanced threat detection is executed in real time and over long periods of time, allowing analysis and reporting of trends and behaviors of entities and users within the organization. 2.1.2 Security Monitoring LogPoint is an effective log management tool, allowing for basic security monitoring and is often used for compliance reporting and real-time monitoring of security controls. LogPoint meets basic threat detection, compliance auditing and reporting requirements. Popular use cases among our customers for basic security monitoring covers a broad range of security sources, including:  Perimeter and network devices  Endpoint agents
  • 9.
    5 | Pa g e  Critical applications  Other infrastructure components 2.1.3 Investigation and Incident Response Capability of AI and Data Science present inside the LogPoint tool investigate any fraud activities of user during using it. The system self learn from mistake and identify irrelevant activites and quick response to the system administratot. 3 ORGANIZATIONAL STRUCTURE LogPoint is global company pioneer to provide security services to its clients. LogPoint has maintained a logical hierarchy of management committee. Committee manage the organization as a whole. The organization is properly managed and structured so that all the activities can be carried out much more efficiently and effectively. Being multinational company with it’s headquater based on Denmark. The organization is Single ownership organization invested by Denish Investment foundation. It’s customers are primarily security services mainly on Europe and along in United States, India and Nepal. The Organization has a hybrid type of structure. Though it can be summed up to be a Figure 2-1Block Diagram of Structure of LogPoint
  • 10.
    6 | Pa g e hierarchical structure. One president who control whole organization branch all over the world. Then CEO is of 2-3 layers . The sales and customer support is handle by Sales and Marketing Department which is mainly located on Europe alongside in United States. Board of directors based on all lower level suggestion makes the organization policy, new plan. All the management activities are controlled and coordinated by the manager. As a LogPoint is a big company, such that many manager respective of their department are allocated which has their own individual authority and responsibility. In order to assist senior manager, engineering manager and project managers are employed. There is senior developer in which around 5 junior developer work under it. 3.1 Functional Structure of LogPoint The functional structure comprises of units that are necessary for the organization to operate fully. To make scalable and fully operate it has 4 sections which has it’s own responsibilty and authority: Sales and Marketing Section: This department is mainly responsible for sale of the product and services to the clients, plan to give discount for users, search for partnership of product, tabulate market needs and prepare report about the new clients need associated in next product. Security Service Section: Focus on security related issues of the product, what are the security services should the product give and validate the quality of services given by it. Developer Section: Main concern about developing the product, features and implement clients changing requirements and to take the product in new level. Project Manager, Senior and Junior developer work together to make it happen. Quality Assurance Testing team also belong to it.
  • 11.
    7 | Pa g e Management and Admin Section: Rest of the employees are working in the administration and the management section. 4 PERSONNEL MANAGEMENT 4.1 Job Selection and Recruitment Process LogPoint pvt. Ltd Nepal has currently about 200 employees working for the organization and it does have the aim of expanding the organization so that it can provide employment to more than 300 staff. There are different levels of employees in this organization. The level 1 are interns. For the intake of interns in the organization, written exams for the internship applicants is conducted. Additionally, the candidates have to appear in two interviews of which the best ones are selected. LogPoint opens job vacancy based on client’s demands, to increase services, product improvement. Job selection and recruiting process by LogPoint is done in three steps: 1 First, the job vacancy is posted in “Workable” – UK Software, mainly in Mero Job Protal, sometimes directly search from linkedIn and circulate to the internal employee. The employee get bonus if he/she recommend the best candidate for the work. 2 The interested one drop the CV, personal information to the organizational webpage, where HR head currently Ms. Barsha Bista, analyze their information, if seem to be capable then, send the invitation for interview. 3 Interview process is done in two phase: 1.1Technical phase: The technical team related to work, arise the question about how it is sound about technology, security related queries etc. This phase describe person technical skills related to the work.
  • 12.
    8 | Pa g e 1.2Management: The management team take interview and ask about at least 2 years of dedication of his/her work in LogPoint, where his/her management skills are tested, interest to work in Logpoint, future plan and can’t give 2 years of dedication then at that time interviewer is rejected. Finally, if employee is capable then ready to begin with training. The employee of related department give 3 months of training to understand how the work happen here, about product features, services and his/her responsibility. To be said that most competent, well knowledge about programming, Data structures and algorithm, security in internet person are highly recommend in LogPoint for developer. 4.2 Wage and Salary Structure According to HR Manager, LogPoint has hierarchial distributed Salary structure based on the post and work of employees. The Direct Compensation includes salary based on work. LogPoint also provides indirect compensation including health insurance of employee including his/her family, retirement allowance etc. Job Post Interview Analyse and Select for Interview Search from LinkedIn Internal empolyee recommendation Decision Job TrainingOK? Invitation Figure 4-1Job Recruitment Process of Logpoint
  • 13.
    9 | Pa g e 4.3 Performance Appraisals LogPoint hires new employee based on needs of their clients, product improvement. The new employeee, existing employee performance appraisals is on Annual Basis. In Annual Basis, the employee post might get upgrade with his salary based on his/her contribution towards the work.Extra bonus is given for excellence performance. In addition, the fun trip is also provided for the good work. Company also provide advance trainning related to the work to upgrade the good employee skill collaboration with LogPoint Head Office of Denmark. 5 MOTIVATION Motivation is a set of forces that directs an individual to the behavior that results in better job performance. A motivated employee might work harder the expected to complete the task, proactively find ways to mprove the qulity and efficienty of the work environment. LogPoint is leading company in cybersecurity products globally and board members are concerned with motivation of employee. LogPoint has also tried its best to motivated its employees through building silent and cool environment which helps to work in peaceful mind. The different departments and owes its own working space and work in a team. For Example, Security department team manage security issues arise in product whereas data analyst team perform analysis of data. The employees are provided with sports facilities like basketball, table tennis, badminton etc. Company has set up a canteen for the staffs and provide hygienic 3 times meal. For some employees working late night, company offers transportation service and drop them to their home. Others company features for motivation of employee are:  The new empolyee get salary provision according to New Labour ACT and company policy.
  • 14.
    10 | Pa g e  Consider sick leaves about 3-4 days in a month.  Medical Insurance of employee and his/her family also.  They also organize training and seminars from time to time to sharpen the skills among the employees  Two times retreat in every year as hiking and excursion visits in a periodic way to build strong teams among the employees and get relax.  For Individual Fun of employee, separate fund is allocated, and provided for them quarterly.  Annual performance appraisal and salary increment . We found friendly co-workers and helpful people around the office. Facility provided by the company is awesome. Research and developvement are highly appreciated at the company. So, we found that company is aware of need of motivation for the employees and they are applying different techniques for the employees motivation.
  • 15.
    11 | Pa g e 6 IMPLEMENTATION OF AGILE SOFTWARE DEVELOPMENT AT LOGPOINT LogPoint is officially certifiy, uses the Agile (Scrum) software development methodology. The company is focused on Customer satisfaction by rapid delivery of user requirements and handle the changed requirement. Managers make sprint for each task in which each sprint can be of 1 week - 2 weeks. The scrum methodology at LogPoint is explain under these headings: Roles: There are three core roles and other auxiliary roles often regard as mediatory role. Core Roles: The core roles are those committed to the project in the Scrum process—they are the ones producing the product (objective of the project). They represent the scrum team. Product Owner: The core role of Product owner is gather requirements of clients, Market study and research about the new version what should it be. The Product Owner represents the stakeholders and is the voice of the customer. He or she is Accountable for ensuring that the team delivers value to the business. The Product Owner writes customer-centric items (typically user stories), prioritizes them, and adds them to the product backlog. Project Manager: Project Manager is the head of the project handover in the organization. The main task are:  Formulate Plan  Tabulate Milestones: o Manage number of resources  to complete in given time.
  • 16.
    12 | Pa g e  High Level Estimate : Prepare WBS in terms of hours.  Prioritze the work make sure that every developer, Lead architect, QA work properly and integrately.  Team Motivation, Leading and Time Management for every task. Development Team: The Development Team is responsible for delivering potentially shippable product increments at the end of each Sprint. The development team of 4-10 are choose as an unit combine of Lead Architect, Developer, Quality Assurance team and Documentation team. .The Development Team in Scrum is self-organizing, even though they may interface with project management organizations (PMOs).Scrum Master Scrum is facilitated by a Scrum Master, who is accountable for removing impediments to the ability of the team to deliver the sprint goal/deliverables. The Scrum Master is not the team leader, but acts as a buffer between the team and any distracting influences. A key part of the Scrum Master’s role is to protect the Development Team and keep it focused on the tasks at hand. The role has also been referred to as a servant-leader to reinforce these dual perspectives. The Scrum Master differs from a Project Manager in that the latter may have people management responsibilities unrelated to the role of Scrum Master. Lead Architect Developer QA Doc 10 people = 1 unit Figure 6-1Development Team In LogPoint
  • 17.
    13 | Pa g e Meetings: The different meetings in the scrum methodology at LogPoint explain as: Daily Scrum: At LogPoint, a daily scrum meeting of all the teams is held at the round table. Each day during the sprint, a project team communication meeting occurs. This is called a daily scrum, or the daily standup. The meeting has specific guidelines: 1. All members of the development Team come prepared with the updates for the meeting. 2. The meeting starts precisely on time even if some development team members are missing. 3. The meeting should happen at the same location and same time every day. 4. The meeting length is set (time boxed) to around 15 minutes All are welcome, but normally only the core roles speak during the meeting, each team member answers three questions: 1. What have I done since yesterday? 2. What are I plann to do today? 3. What are the hinderances/obstacles occur in that? Any hinderances/obstacles block identified in this meeting is documented by the Scrum Master and worked towards resolution outside of this meeting. No detailed discussions shall happen in this meeting Backlog grooming: Storytime In every sprint, it is happen once. In one month maximum 8 hours Backlog grooming happens. Main objective of that is to define exceptation criteria, and how to achieve is discussed in it. The team should spend time during a sprint doing product backlog grooming. This is the process of estimating the existing backlog using effort/points,
  • 18.
    14 | Pa g e refining the acceptance criteria for individual stories, and breaking larger stories into smaller stories. Meeting does not include breaking stories into tasks. The team can decide how many meetings are needed per week depending upon the task they are doing. The method used at LogPoint is the planning poker. Scrum of Scrums: This is held each day normally after the Daily Scrum. These meetings allow clusters of teams to discuss their work, focusing especially on areas of overlap and integration. A designated person from each team attends. The agenda will be the same as the Daily Scrum, plus the following four questions: 1. What has your team done since we last met? 2. What will your team do before we meet again? 3. Is anything slowing your team down or getting in their way? 4. Are you about to put something in another team’s way? Sprint Planning meeting: At the beginning of the sprint cycle (every 7–30 days), a “Sprint planning meeting” is held. What work to be done is first selected. Then the Sprint Backlog is prepared that details the time it will take to do that work, with the entire team. Identification of how much of the work is likely to be done during the current sprint is done. At the end of a sprint cycle, two meetings are held: the “Sprint Review Meeting” and the “Sprint Retrospective”. Sprint review meeting: In this meeting the work that was completed and not completed are reviewed. The completed work is presented to the stakeholders (a.k.a. “the demo”). But incomplete work are not demonstrated. Four-hour time limit is set up for this meeting. For backtrack what had done to achieve milestone. This see on process focused.
  • 19.
    15 | Pa g e Sprint retrospective: All team members reflect on the past sprint. Make continuous process improvements. Two main questions are asked in the sprint retrospective: 1. What went well during the sprint? 2. What could be improved in the next sprint? Three-hour time limit. This meeting is facilitated by the ScrumMaster. The no. of sprints depends on the type of project that is being developed. The length of the project can range from a no. of days days, weeks to months. Project Environments: A project has 4 environments – Development, Testing, UAT and Production. Development Environment: This is where the software is developed. LogPoint works as security services which are cirtical things. Manily used as JAVA, Python for development. The selenium tool is used for Good code clarification, clean code practice. Bit Bucket is used for version Management. Testing Environment: After the application was developed to an agreed stage, it is released to the testing environment. This is where the testers ensures the quality of the application, open bugs and review bug fixes. The final developed code is passed from the selenium software where it validates all organization standard to make production ready. From that the automatic modules are dispatch and gets hosted on different particular server.
  • 20.
    16 | Pa g e User Acceptance Test Environment (UAT): The software is then moved from internal testing to client testing. This is where the client- testers verify the quality of the application and send issues if there are any this is also where the client assesses the application and can request changes to better fit his requirements. Production Environment: This is where the application goes out to the world and become production Agile Testing at LogPoint: Testing is not considered a separate phase, but an integral part of software development, along with coding. Agile teams use a "whole-team" approach to "baking quality in" to the software product. Testers on agile teams lend their expertise in eliciting examples of desired behavior from customers, collaborating with the development team to turn those into executable specifications that guide coding. Testing and coding are done incrementally and iteratively, building up each feature until it provides enough value to release to production. Quality of Software very important. A product goes thorough various phases of quality tests. If any software doesn't pass the quality check, it is then returned backed to the development environment and the quality is ensured. Jenkins tool is used to build Auto Continous Integration and Continous Deployment (CICD). Overall process is based on Test Driven Development (TDD).
  • 21.
    17 | Pa g e 7 MANAGEMENT INFORMATION SYSTEM The use and importance of data is growing exponentially at the current time. Every organizations have huge amount of data to process. These data may be the information about the organization or the information needed for the organization. The information adds value to organizations, as well as, it helps organizations to survive among intensive competition. Therefore, organizations need information for management. Management Information System, commonly referred as MIS is basically computer systems in an enterprise that provide information about its business operations. It's also used to refer to the people who manage these systems. Typically, in a large corporation, "MIS" or the "MIS department" refers to a central or centrally-coordinated system of computer expertise and management, also including, by extension the corporation's entire network of computer resources. Today, the term is used broadly in a number of contexts and includes (but is not limited to): decision support systems, resource and people management applications, project management, and database retrieval applications. MIS compound of theories of computer science and management science. These theories build system and program utilization. Normally, MIS are integrated systems of users and machines (computers) with aiming to provide organizations’ information for operation, management and decision- making. These systems use computer hardware and software. Furthermore, MIS are used to collect and cumulate data from several sources both internal and external organization for processing and arranging information. Therefore, executives or users can apply it for making decision and other management. MIS In LogPoint: We have asked to the Senior Project Manager about the management of information in LogPoint and he gave us the brief idea about it and its implementation in the organization. LogPoint works to make cybersecurity, business data security products which are highly
  • 22.
    18 | Pa g e sensitive so they have to assure that the security of information is maintained. It stores all the business activites of the client who are using their product and analyse it and able to predict the fraud activites held on their business process. But this information is not seen to the internal employees. None of the employee is allowed to take the information to their home and also the information is not stored in the personal computers. For attendance, a finger print machine is set-up at the entrance. Employee should enter their finger on the machine for attendance. They have their own HR management tool. It tracks how many days employee worked, went to leave, his/her educational details, trainings conducted, fresher to work in their organization.
  • 23.
    19 | Pa g e 8 CONCLUSION From our case study, we have concluded that software development in Nepal is in a progressive phase. LogPoint is the leading company to build security products and provide securtiy services of world class. LogPoint is also has been providing lots of contribution in the development of software in Nepal. It has become the global certified company for agile scrum work. The personnel management at LogPoint is of top class, which has helped in recruiting talented employees as well as sharpening the talents of employees at Deerwalk. The most of the employee are motivated and satisfied form their jobs. Being located on our developing country, LogPoint plays an incredible role on providing cybersecurity, business security which prevents the country data form unauthorized access. LogPoint is outsourcing their security product and provide services to the Europe including USA. Here in Nepal, the overall LogPoint product are made. Security is next generation needs. We have the connections all over the world, for be safe our data over the internet we need security services which are essential need for every organization, individual and even country. We have made study about cybersecurity software development in LogPoint sucessfully.
  • 24.
    20 | Pa g e 9 SUGESSTION  LogPoint also consider building other software beside the current SIEM tool to broad the company vision and its goal.  The security information and event management (SIEM) solution is a central tool in the risk management toolkit but it can be even better if it is decentralize according to region, or customer services to increase realiabilty and performance.  Providing cloud services can be even better if it can be integrate with Azure, AWS, and SalesForces services. Advice For Management:  Make the communication channel more clear and add more facilities to employees because it gives them more reason to stick around. Give training to employees so that they get better and will give output.  There is lot of room to improve the management style and motivate the employees from the development team from Nepal. Somehow the developers might need to get the training on security rather just the software development.
  • 25.
    21 | Pa g e REFERENCES [1]Organizational Structure Defination and Therory “http://www.businessdictionary.com/definition/organizational-structure.html” [2] A Guide to the Project Management Body of Knowledge (PMBOK® Guide) — Sixth Edition and Agile Practice Guide (ENGLISH)