ISV Era and New Markets
30 people
New strategic direction towards Outsourcing
1991 1995 2000
First ISV clients in the US and UK
The largest real-time motions control system in the US
New Opportunities from UK Government
300+ people
Complex, highly automated, paperless, e-Customs system developed for The States of Jersey
1991 1995 2000 2008
First Fortune 500 customers
Scaling up to Enterprise Level
AMO, R&D and Engagement
500+ people
Transforming into a matrix-structured software company
1991 1995 2000 2008 2012
Comprehensive credit risk management system developed from scratch
ELEKS Fact Sheet
IT BUSINESS IN UKRAINE
PROFESSIONALS
of experience delivering value to customers
YEARS
OFFICES
TOP
Rzeszow, Poland
Tallinn, Estonia
Lviv, Ukraine
New York, USA
Las Vegas, USA
London, UK
COUNTRIES
5 26
1200+ 3
9
What does ELEKS do in Estonia?
“The most digital country in the world”
E-Residency Managing Director, Kaspar Korjus: “A study conducted by the American company Intuit suggests that there will be over 100 million new online workers by 2025. Through e-Residency, countries like Estonia will be in a position to attract people like this by becoming the best place to run a location independent business in the world. We think that countries will soon be competing for citizens, residents, and e-residents just like private companies compete for customers now.”
eleks.com
22nd in ‘Corruption Perception Index 2016’ (Transparency International)
5th in ‘Global Cybersecurity Index’ (International Telecommunications Union)
ELEKS cyber security approach: be aware of what is happening; partner with niche professionals; balance risk, resilience, usability and price
Structure
1. Information security policies
2. Human resources security
3. Asset management
4. Access control
5. Cryptography
6. Physical security
7. Operations security
8. Communication security
9. System acquisition, development, and maintenance
10. Supplier relationships
11. Information security incident management
12. Information security aspects of business continuity management
13. Compliance
ELEKS security services
Centers of Excellence
Preemptive Incident Response
Threat Hunting
Security Risk Management
Forensic
Big Data and Cloud Security
Data Security and Privacy
Security Compliance Management
Key Certificates
ISO 27001 LA
CISM
CISA
CIA
CCSP
MBA
Security Outsourcing
Project Management
CCSK
PhD
Security Services
SCST
Template Security Services Monthly Report Extract
Remediation strategy:
● Disable service
● Close port
● Blacklist file and application
● Install updates/patches
● Blocking malicious IP/Domains/email addresses
● Kill-switch deployment
IOC Threat Intelligence:
● AlienVault OTX
● Cyber-Daily
● VirusTotal
● Hybrid Analysis
Rapid reporting (up to 3h):
● WSUS Updates Status Reports
● Secdo Analytics
● Nexpose Reports
Petya
Indicator Type | Quantity
CVE | 1
email | 1
FileHash-MD5 | 4
FileHash-SHA256 | 9
Grand Total | 15
WannaCry
Indicator Type | Quantity
domain | 15
URL | 12
Grand Total | 27
Locky
Indicator Type | Quantity
domain | 6
FileHash-SHA256 | 11
URL | 8
Grand Total | 25
The installation status of the last 2017-08 cumulative Microsoft update for Windows Machines
100%
100%
100%
96,4%
3,6% Not reported
Windows 7
Windows 8.1
Windows Server 2008 R2
Windows 10
Weekly vulnerability report from Nexpose
Critical vulnerabilities: 7
Remediation in progress: 4
Resolved: 3
Vulnerability | Task | Vulnerability resolution
SMTP unauthenticated 3rd-party mail relay (smtp-general-openrelay) | https://jd.eleks.com/browse/ITSPP-18388 | Resolved
Default or Guessable SNMP community names: public (snmp-read-0001) | https://jd.eleks.com/browse/ITSPP-18390 | In progress
TELNET access with no account and password admin (telnet-generic-0001) | https://jd.eleks.com/browse/ITSPP-18393 | Resolved
Apache HTTPD: ap_get_basic_auth_pw() Authentication Bypass (CVE-2017-3167) (apache-httpd-cve-2017-3167) | https://jd.eleks.com/browse/ITSPP-18393 | In progress
VNC remote control service installed (backdoor-vnc-0001) | https://jd.eleks.com/browse/ITSPP-18413 | In progress
PHP Vulnerability: CVE-2017-11362 (php-cve-2017-11362) | https://jd.eleks.com/browse/ITSPP-18415 | Resolved
Oracle MySQL Vulnerability: CVE-2017-3599 (oracle-mysql-cve-2017-3599) | https://jd.eleks.com/browse/ITSPP-18414 | In progress
Monthly vulnerability monitoring status
September 18, 2017. CCleaner v.5.33 Hacked to Distribute Malware. Remediation: The affected version has not been detected.
September 12, 2017. Critical Bluetooth Attack: BlueBorne. Remediation: Patched by Microsoft updates.
September 05, 2017. Critical Vulnerability in Apache Struts2. Remediation: Performed a vulnerability scan, not detected.
August 31, 2017. Massive Email Campaign Sends Locky Ransomware. Remediation: Sent an awareness notice, conducted Information Security Training, installed Microsoft updates centrally, enabled the Secdo antiransomware module and updated IOCs.
August 30, 2017. Critical Vulnerability in LabVIEW. Remediation: This software is not installed.
August 24, 2017. Virus Spreading Through Facebook Messenger. Remediation: Sent an awareness notice. SIEM + Secdo continuous monitoring.
August 17, 2017. Two Critical Zero-Day Vulnerabilities in Foxit PDF Reader. Remediation: Sent an awareness notice; secure configuration is set up on all workstations by default.
OSSIM monthly report (19.08.2017 till 19.09.2017)
[Chart: Top 20 Events “Customer”; series: Quantity, Source IP (unique), Destination IP (unique)]