CyberProof provides a robust Application Security Orchestration and Automation Platform to manage security risks across your entire application portfolio. Together with SecuPi our innovation partner, we offer Data Centric Security & Compliance enablement and real-time visibility via rich dashboards and reporting capabilities.

Case Study: Large European OperatorApplication Risk Management Service

Services Offered

SecuPI specializes in Data Centric Security and Compliance Solutions with a focus on keeping Applications Safe:

Data-Centric Audit and Protection (DCAP)Dynamic Data MaskingUser Entity Behavior Analytics (UEBA) SecuPi Discovery & Data-Flow MappingCompliance with “Security by Design/Default” (article 25): using Data-centric Behavior Analytics (UBA).Compliance with “records of processing” & breach notification articles (articles 30, 33).Applied Subject Rights: Logical deletion, Mask and obscure data, micro-segment data access.Unified Reporting: Customer data exposure by various end-users through various channels, processes/data flows (applications), CRM user’s customer search criteria (ensure search function is not abused).Unstructured Data Protection: Automatic & accurate labeling, Data Protection, Dynamic Controls.

A UST Global Company

www.cyberproof.com

Discover & Classify Monitor & Detect Apply Subject RightsDiscover, map and classify

personal customer data and data-flows on applications

and systems

Providing real-time monitor-ing and auditing for "Records

of processing activites"

Hide or mask personal customers data for Right to be Forgotten, Consent &

Data Minimization

Solution - SecuPIData discovery & classification, building a comprehensive data inventoryDetection and prevention of OWASP Top 10 attacks, on web applicationsReal-time monitoring & auditing of sensitive data (forensics via Kafka to HDFS)Anomaly detection & correlation of suspicious behavior, detecting rouge users & lateral movement across Web & LoB applications (via Kafka & Flink)Applied GDPR policies (e.g., “right to be forgotten”)Defined detection & prevention policies (e.g., block SQL Injection, redact VIP customer access, dynamic mask personal data)Seamless integration with Microsoft AIP & RMS. Behavior maps & alerts sent to SOC (Splunk)SecuPi was installed on a cluster of 5 VMs (Docker on RHEL)

About CyberProofCyberProof is a security services company that manages cyber risk for enterprise organizations by providing pioneering services, technologies and elite cyber skills that adapt to the evolving threat landscape. Our advanced services, algorithms and orchestration platform provides rapid response and recovery that keeps your world safe from cybercrime.

For more information visit www.cyberproof.com

Customer ChallengeThe Operator needed help elevating their security profile, reducing risk and achieving regulatory complianceChallenge with developing a comprehensive application risk management capabilityNo formal IT security and compliance program, challenge with real-time monitoring and auditingInconsistencies in policies and data access controlsLack of application discovery and mapping tools: no details on data-flows in applications and systemsOngoing dependence on costly, unreliable and incomplete manual processes

Client Environment:50 Line of Business (LoB) applications, including a large BI/DW/Big Data environment Applications include Siebel, Billing applications, Amdocs/Comverse, SAP BO and many other in-house developed applications

A UST Global Company

BenefitsSecuPI added an overlay on the application layer, defined detection & prevention policies, prevented OWASP attacks on web-applicationsData discovery & classification, building a comprehensive data inventoryAnomaly detection & correlation of suspicious behavior, detecting rouge users & lateral movement across apps Applied GDPR policies (e.g., “right to be forgotten”)Real-time monitoring & auditing of sensitive data, behavior maps & alerts sent to SOC

ApplicationServer

(Java /. Net)

Data Source

User Request

Data RequestUser Response

Data Response

SecuPi Architecture

(Database, NoSQL, BigData, APIs/WebServices, MQSeries, Tibco, File Systems...)

ReportingServices

Tools

Multi-tenant, on-prem or cloud

SecuPi CentralManagement Servers

Policy management& forensics

User(Recipients, web services

& API calls)