about - synergy consulting
TRANSCRIPT
ABOUTCOMPANY
SYNERGYtakes pride to be a one stop technology partner providing Company Level Technical Architecture development, Software Solutions, Cyber Security Professional Services, Remote Support, Certified Trainings, Outsourcing, Assessment and Consulting Services, as well as solution to offer the Security Operations Centre (SOC) and Managed Security Services (MSS).
SYNERGYis established by Industry Security experts who have extensive experience workingwith End-User, System Integrators, Distributors and Vendors, and understand theregional gap and challenges in the Cyber Security Industry. We are going beyond tobuild the trust and strategic relationship to deliver the standard and customizedservices packages that can meet the business expectations.
Our business model helps in boosting the profitability by minimizing risk from changing Cyber Security landscape.
Besides, we have a best in class professional consultants with comprehensive background in Project Management and Cyber Security to provide a tailored Solutions and Consulting Services on market-leading Security technologies to empower Customers, System Integrators, Distributors and Vendors.
WHY US & OUR SKILLS
• We are a Cyber Security and Consulting services firm focusing on Cyber Security end-to-end services.
• We have professional Consultants specialized in the respective security domain, and experience in handling
medium to sophisticated service and consulting delivery engagements.
• We understands the business needs and provides the customized services packages which can be delivered
either remotely or onsite, from short term to long term.
• We have an extremely competent and highly skilled team to take care of all your development and growth
aspects wherein you can focus on your core business to catalyze and enable and exponential growth.
• Our in-depth, wide and diversified industry experience helps us pioneer most of the verticals to make technology
enable your business in ways which are most efficient, innovative and productive.
• We believe in value additions for all stakeholders.
SERVICES PORTFOLIOSYNERGY has a proven industry expertise as a technical and consultation partner for all of the following genres
and verticals to enable and help grow businesses on every aspect.
• Quick Start Deployment
• Custom Scope Deployment
• Migration Services
• Optimization Services
Professional Services
• Technical Support as a Service (T-SaaS)
• Flexible Packages - FTE Based, Incident Based
• PAYG Model
Support Services
• Resource as a Service (R-aaS)
• Short Term to Long Term
• Recruitment Solution
Resident Engineers
•EC-Council
•ISC2
•ISACA
•CompTIA
•Cloud
•IT Services
•Security
Training Academy
•Vulnerability Assessment
•Penetration Testing
•Security Hardening
•Configuration Reviews
•Red Teaming
•Source Code Audit
•IoT Testing
•SAP Security Assessment
Assessment Services
• IAM Consulting and Deployment
• GRC Consulting and Deployment
Niche Skills
•SOC Consulting
•Remote and Captive SOC
•Incident Response
•Threat Intelligence
•Device Management
•Device Hardening
•Security Patch and Upgrade Management
MSS & SOC
IT Audit Services
Governance1. IT Strategy Audits2. IT Framework Management3. IT Business Objectives Redefining4. Management Committees5. Management Approach6. CoBIT 5.0 Assessments7. ISM3 Audit
Compliance1. ISO 27001:2013 Audit2. ISO 20000-1 : 2011 Audit3. NESA Audit4. ISR Audit5. ADSIC Audit6. ISO 223017. PCI DSS8. SOC 1,2,3
Technology1. Vulnerability Assessment2. Penetration Testing3. Configuration Audit4. Cloud Security Audit5. SCADA Assessments6. Source Code Audits7. Red Teaming Assessment8. SAP Security Assessment9. IoT Assessment
Risk1. Management of Technical Risks2. Management of Operational Risks3. Management of Administrative Risks4. Risk Treatment Planning5. Implementation Modelling Strategy6. ISO 310007. ISO 270058. Data Center Audit
Auditing Structure
Ide
nti
fy • Cyber Security Posture Assessment
• Security Strategy & Transformation Audit
• Vendor Risk Management
Pro
tect • ISO 27001 Audit
•PCI DSS Audit
•NESA Assessment
• ISR Assessment
•NCEMA
•Data privacy Audit
Det
ect • VAPT
• Secure Code Review
• SARD
• Cloud Security
• Software License Compliance
• Configuration Audit
Re
spo
nd • Security
Incident & Event Management (SIEM)
• Security Operations Center (SOC)
Re
cove
r • Business Continuity Management
• Disaster Recovery Planning
• Forensics & Reverse Engineering Audit
Security Auditing Portfolios
Pro
cess • CMDB
• Change
• Incident
• Release
• Problem
• Helpdesk
• BRM
• SRM
• Budgeting
• Vendor Risk
• Internal Processes
Co
mp
lian
ce • ISO 20000
• ITIL
•SOC 1
•SOC 2
•SOC 3
•Data Centre Audit
•TIA 942G
ove
rnan
ce • IT Strategy Audit
• IT Framework Assessment
• IT Portfolio re-engineering Audit
• IT Risk Assessment
Co
nti
nu
ity • Capacity
Management Audit
• Availability Management Audit
• Backup Management Audit
• ISO 22301
Man
age
d IT • Managed
Network Assessment
• Managed Cloud Assessment
• Hosting & Website Assessment
IT Services Auditing Portfolios
• Robotics Process Automation (RPA) Audit
• SCADA Assessments and Audit
• DDOS Penetration Testing
• Phishing Campaigns and Simulation Assessments
• Network Behaviour Assessment
• Source Code/ Mobile Application Security Assessment
• Digital Fraud Aanlysis
• Black Box Application Testing
• HIPPA Assessment
• NIST Assessment
Specialised Auditing Portfolios
OptimizedFocus is: Business Opportunity
Reporting is: Enterprise Wide
Processes are: OptimizedTransformFocus is: Collaboration With Business
Reporting is: Balanced
Processes are: MeasuredManagedFocus is: Risk
Reporting is: Coordinated
Processes are: Defined
SILOEDFocus is: Compliance
Reporting is: Disconnected
Processes are: Isolated
TransitionFocus is: Effective Processes
Reporting is: Fragmented
Processes are: Consistent
Maturity Model
Compliance Audit Process
Scoping & Planning
Information Gathering
Vulnerability Detection
Privilege Escalation
Result Analysis
Reporting
IP Addresses, Hostnames, IT/
Network Architecture
Infrastructure, End Users,
Locations, Man-days
Executing Scan, Prioritization, Detailing the
findings
Attack and Penetration Testing on identified
vulnerabilities
Analyze the results,
Identification of False Positives, Discussion with
stakeholders
Report the finding and recommendations to the top management
Technical Audit Process
