SecureMetric Technology

Professional
Consultancy Services
ISO 27001 Consultancy Services

Comprehensive consultancy service to design, establish and implement Information

Security Management System (ISMS) based on ISO/IEC 27001

Security Posture Assessment

a) Social Engineering Awareness Assessment (SEAA)

SEAA is a threat awareness audit to gauge the employees awareness to information security incidents due to social
engineering attacks.

Features

Advantages

Non-intrusive malware simulation program complete with tools,

processes and outputs
Comprehensive post-evaluation assessment report covering:
o benchmark analysis
o segment hit rate analysis
o Fail / pass rational analysis
o Future awareness actions analysis
Recommendations based on training and policy / process
perspectives

Benets

Includes emerging security threats into the

simulation
Incorporates various spreading media into
the simulation
Congure exible user groups and attributes
for analytical purposes
Recommends best practices based on Trend
Micro IT security management expertise

Improved security policy adherence rate

Repeatable and scalable method in improving employees security awareness
Eective action roadmap to raise and maintain security awareness

Security Posture Assessment

b) Threat Assessment Service (TAS)

Threat Assessment Service is a valuable and insightful opportunity for you to evaluate the eectiveness of your current
security infrastructure. Want to know if malware has inltrated your systems? If sensitive data is being lost? The true
measure of your endpoint, web and messaging security?
Threat Assessment Service is enabled by the Trend Micro Threat
Discovery Appliance, a key component of Trend Micro Threat Management Services (TMS).
TMS is a non-intrusive network security overwatch service that provides an additional security layer that strengthens an
organizations existing security infrastructure against data-stealing malware threats that have evaded detection. It monitors
the corporate network for threatening malware activity and delivers discovery, containment, and remediation services that
provide a last line of defense for your valuable data and resources.

Features

Threat Assessment Service uses non-invasive technology

and the Trend Micro Smart Protection Network to
provide an informative risk report that reveals the
following information:
Active malware inltrations
Infection points
Threat exposure levels
Sensitive data loss
Potential compliance violations

Benets

Advantages

An expansion of the layered security approach

Provides Network Security Overwatch
evaluating data in movement across the
network
Discovers infections
Discovery of data-stealing malware that has
evaded detection
Revolutionary Pattern Free clean up for zero
day and new variants

The revealing TAS report will allow customers to:

o Examine potential vectors of infection
o Identify malware, information stealers, aected assets, infection sources, and disruptive applications
o Uncover sensitive data loss and regulatory compliance violations
o Pinpoint specic problem areas by IP address
o Evaluate the eectiveness of your web, messaging, and endpoint security
o Increase visibility into your security so that you can better understand how the threats occurred, where they entered your
network, and how to ll your security gaps

Security Posture Assessment

c) Data Loss Assessment (DLA)

DLA provides real-time content scanning of sensitive data at network layer to gauge the level of data loss in the organization. The service detects data leaks with a unique approach that uses highly accurate ngerprinting and content matching
technology.

Features

Assess the current vulnerabilities and identify the sensitive data on the network:
Data Loss Monitoring
Provides centralized management
Monitors sensitive data / intellectual property
Detect data stealing malware leveraging Smart Protection Network
o keyloggers, spyware and trojans that collect and post sensitive data on the internet
o phone home malware
o hidden FTP processes that transfer stolen data to remote hacker sites
o botnet data collectors

Advantages

Helping enterprises respond much faster to risk of data loss from malware and user activities, signicantly reducing their
damage containment costs and improving their overall security posture.

Benets

Access to data security experts. Jaring/CI/TM Data Loss Assessment team helps in-house sta rene data security policies
and monitoring solutions.
Visibility into violations. Current behaviors and security violations are captured.
Detailed recommendations. Assessment report details problems and provides recommended solutions.
Proof of compliance. Ongoing use of Trend Micro DLP blocks violations and helps prove compliance.

Security Posture Assessment

d) Vulnerability Assessment Service (VAS)

VAS is a service powered by Trend Micro and Qualys used to assess the level of security vulnerability for an organizations
information assets. It provides SaaS-based Vulnerability Management for Stronger Security & Verication of Compliance.

Features

Powered by Qualys
A service not just for vulnerability scanning but for its management.
Security, compliance and risk management
Already certied as PCI ASV(Authorized Scan Vender).
Secure hybrid SaaS (Yearly contract with hardware rental)
Provide vulnerability scanning for both external and internal.
Automated vulnerability management process.
Centralized reporting and management.

Advantages

Through management of network

vulnerabilities, reduce business security risk:
Discover and prioritize all network assets
without installing and operating software.
Recognize security vulnerabilities.
Scan, implement solution and manage
history across the entire network.

Benets

VAS allows organizations to:

Discover and manage all devices and applications on the network
Identify and remediate network security vulnerabilities
Measure and manage overall security exposure
Ensure compliance with internal policies and external regulations

Digital Forensics Services

a) Early Case Assessment

b) IProtect protection of potential digital evidences, Intellectual Property
and brand (evidence preservation service)
c) Digital forensics investigations and analysis