YOUR IT COMPLIANCE PARTNER
GO BEYOND THE CHECKLIST
WEBINAR
Penetration Testing Basics
ControlCase. All Rights Reserved. 2
Agenda
01 Introduction to Penetration Testing
02 Importance of Penetration Testing
03 Penetration Testing Services
04 Services Detail
05 Outcomes & Reports
06 Q&A
Presenters:
Shashank Vaidya, Vice President, Cybersecurity Services
Sandeep Joshi, VP Business Development
ControlCase Snapshot
ControlCase Overview
Best-in-Class Compliance Platform
• ControlCase is revolutionizing the way enterprises and organizations deal with the numerous and frequently changing IT compliance and regulatory requirements
• Proprietary software, including appliance and SaaS solutions, that enable CaaS (GRC and Data Discovery)
• Compelling proprietary offering combining proprietary software, certification/audits, and managed services on a single platform.
• One Audit™ enables our clientele to Assess once: Comply to Many
• Leadership positions in the PCI DSS, SOC 2, ISO 27001, HIPAA, HITRUST, FedRAMP and CMMC domains
• Serving over 1,000 customers
• Global footprint with offices in the U.S., LATAM, Europe, India, Canada, and UAE
• Leverages an offshore delivery infrastructure for competitive advantage
• IT compliance manager for multiple industry segments including banking, service providers, retail, hospitality, and telecom
Global Vision & Solutions Enhancement
Provider of Compliance as a Service (CaaS) subscription-based offering bundling proprietary GRC software and managed services
Founded in 2004
Headquartered in Fairfax, VA
Offices in U.S., Canada, India
250+ employees
ControlCase Snapshot
CERTIFICATION AND CONTINUOUS COMPLIANCE SERVICES
Go beyond the auditor’s checklist to: Dramatically reduce the time, cost, and burden of maintaining IT compliance and becoming certified.
• Demonstrate compliance more efficiently and cost effectively (cost certainty)
• Offload much of the compliance burden to a trusted compliance partner
• Improve efficiencies by doing more with less resources and gain compliance peace of mind
1,000+ CLIENTS
10,000+ IT SECURITY CERTIFICATIONS
275+ SECURITY EXPERTS
ControlCase Snapshot – Solution
Certification and Continuous Compliance Services
IT Certification Services & Continuous Compliance Services
Partnership Approach
Compliance HUB™
Certification Services
One Audit
Assess Once. Comply to Many.
What is Penetration Testing
• Identify Security Vulnerabilities
• Real-World Attack Simulation
• Focused on CIA Triad
Why is Penetration Testing Important for Your Org?
Why is Penetration Testing Important?
© 2020 ControlCase. All Rights Reserved. 12
[Chart: Compromises by Attack Vectors (in %)]
Why is Penetration Testing Important?
Prevent Data Breach
Enhances Security Posture
Cost Effective
Compliance and Regulations
Projects Brand Reputation
Boosts Customer Confidence
What are the Penetration Testing Services?
Four Sectors of Data Breach
DATA BREACH
• Misconfiguration
  • Segment Test
  • Card Data Discovery
  • Firewall Rule-Set Review
  • Secure Code Review
  • Config Review
  • Wireless Scan / WIFI Penetration Testing
  • Net. Sec. Architecture Review
• Vulnerability Management
  • ASV Scan
  • External NPT
  • IVA Scan
  • Internal NPT
  • Application PT
• Phishing and Insider Threats
  • Training
  • Social Engineering
  • IT Security Audit
• Supply Chain Attacks
  • Third-Party Security Audit
Penetration Testing Overview & Detail
Penetration Testing Details
• Highly Skilled and Experienced Subject Matter Experts
  • Certifications from industry recognized institutions including EC-Council, Offensive Security, Global Information Assurance Certification (GIAC), CompTIA, ISACA, ISC2
  • Product Specialization
• Well-Defined Methodology
  • Coverage of well-known standards including PCI DSS, NIST, OWASP, SANS
  • Hybrid Approach (automated and manual testing)
  • Simplified with 3 Steps Approach including Information Gathering, Execution, Revalidation
• Industry Recognized Tools
  • Use of industry recognized tools including Nessus Professional, Qualys, Rapid7 Nexpose, Netsparker, BurpSuite Professional, Titania Nipper, Snappy Tick, Metasploit
• ControlCase Compliance Hub
  • Innovative Technology with use of secure channels and MFA
  • Multipurpose Single Platform for Communication, Data Storage, Report Deliveries, Status Tracking
Penetration Testing Outcomes & Report
Penetration Testing Outcomes
• Technical Outcome
  • Detailed Vulnerability Identification with Proof of Concept
  • Security GAPs in environment and assistance in remediation
  • Effective Implementation of Security Controls
  • Performance Insights
• Senior Management Outcomes
  • Risk Overview
  • Prioritized Action Plan and Improved Decision-Making
  • Compliance and Regulatory Alignment
  • Reputation Management
  • Enhanced Stakeholder Confidence
Why ControlCase
Summary – Why ControlCase?
• Partnership Approach
• Continuous Compliance Services
• Compliance HUB
• Approved Scanning Vendors (ASV) for the last 17 years
• Cert-In Accredited for the last 10 years
• CREST Accredited Organization
• 100+ Security Testers
• Global Presence to Support
Q&A – Open Forum
Special Pricing
Attendees of this webinar are eligible for special discounted pricing.
Please email contact@controlcase.com for more information.
Code in email: ccweb24
Thank you for the opportunity to contribute to your IT compliance program.
For additional queries/support: contact@controlcase.com
