©2019 Network Intelligence. All Rights Reserved.
Network Intelligence Corporate Profile
The Network Intelligence Story
Timeline years shown: 2001 2003 2004 2007 2008 2011 2012 2014 2016 2017 2018
Milestones shown:
• Company commences its operations
• Successfully developed first set of automation tools to differentiate service offerings
• Executed 1st International project for Dubai Stock Exchange
• Won first US customer (leading SIEM vendor)
• Presentation on Detection and Evasion of Web Application Attacks at Blackhat conference
• Awarded ISO 27001
• Delivery and Training Centres expanded
• NII is a certified PCI DSS QSA
• MSSP Services Launched
• NII acquires Torrid Networks
• Operations in Singapore started
• NII receives funding from New York based Helix Investments
• NII picks up Captive SOC order from Largest Private sector Bank
• Additional offices and partnerships signed up in UK, Europe and Australia
• Middle East Operations commenced
• Training Division Started
Team Size
2001: 1
2003: 5
2005: 8
2007: 10
2009: 20
2011: 30
2013: 80
2015: 170
2016: 300
2017: 400
2018: 550
2019: 700
Big data platform for Security Analytics – launched
Organization Structure
CEO: K. K. Mookhey
Total Headcount: 600+
Headcount figures shown on the chart: 40, 330, 130, 25, 20, 35, 20
Business units shown on the chart:
• Project Delivery
• Managed Security Services
• Research & Development
• Business Unit
• Training
• Support Services
• Business Continuity Management
• Firesec & BlueScope
Other chart labels:
• PMO
• Professional Services
• IT
• Subject Matter Experts
• Consultants
• EMEA
• North America
• India
• APAC
• Innovation & Research
• Process Improvement
• Development & Testing
• Industrial Cybersecurity
• Payments Security
• Training Operations
• Training Sales & Marketing
• Finance
• Human Resource
• Sales & Marketing
• Security Monitoring
• Incident Response & Threat Hunting
• Vulnerability Management
Management Team
KK Mookhey, Founder & CEO
KK provides the vision and direction for the firm, and has steered it from a one-man consulting shop started in 2001 to a global cybersecurity firm with an expansive portfolio of services. A technologist at heart, he enjoys dealing with complex security problems and developing solutions to client challenges. He is a qualified PCI QSA, CISA and CISSP.
Altaf Halde, Global Business Head
A seasoned cybersecurity professional with over two decades of experience in building businesses, Altaf spearheaded the South Asia business for Kaspersky for 7 years prior to joining the firm. In his previous stints he has run the India business for companies such as Sophos, Utimaco and others. Highly passionate about cybersecurity, he combines sharp business acumen with a keen sense of humor.
Pratik Samant, Regional Director, EMEA
Pratik heads business in the EMEA region, having single-handedly grown our Middle East business from the first client in 2012 to contributing nearly 40% of our global revenues. He loves nothing more than closing deals and chasing targets, while sustaining relationships. His total experience of 14 years includes previous stints in sales roles at MTech and Allied Digital among other firms.
Munesh Ahuja, Global Delivery Head
Munesh brings more than 24 years of rich experience across multiple domains: Information Technology, Telecom, Business Process Outsourcing, BFSI and US Healthcare. Munesh is passionate about analysing data to build information while delivering successful customer stories. At Network Intelligence, he is responsible for delivery across our service lines of assessment, consulting and remediation. If Munesh is not at work, he is busy preparing for his next marathon.
Wasim Halani, Research & Development Head
Wasim started and has grown his career at the firm. Starting off as a penetration tester, Wasim started our research team in 2016, and since then has contributed significantly to new service lines, improvement of quality in existing service lines, and most importantly to the development of our big data platform with machine learning capability – BlueScope™. He also oversees the development team that works on Firesec™ – our security orchestration and automation platform.
David Danziger, Director
David Danziger is a Director of Helix Investments and also on the Board of Network Intelligence. He is also a co-founder and managing member of Culbro LLC. Mr. Danziger's previous experience was in marketing and finance. A graduate of Harvard College and Harvard Business School, Mr. Danziger serves on the boards of Griffin Industrial Realty Inc, TDBBS LLC, Med Emporium LLC and LearningMate Solutions Pvt. Ltd.
Karishma Mookhey, Training Business Head
Karishma is passionate about building cybersecurity talent and runs the training division, which caters to students as well as corporate clients. She has now spent over a decade building the Institute of Information Security into a formidable brand and a centre of excellence for cybersecurity, where on average 300+ students are trained per year and successfully placed at organizations across the globe.
Pawan Singh, Business Head - APAC
As an erstwhile CISO, Pawan uniquely understands the challenges of this role, and is able to provide practical viewpoints on cybersecurity problems faced by most organizations. At Network Intelligence, he handles both pre-sales solutioning and post-sales oversight on critical GRC projects in the APAC region. He holds the CISSP and CISA credentials and his previous stints include security leadership positions at Tulip Telecom, Airtel, and others.
Ashutosh Mahashabde, Practice Lead, GRC
Ashutosh is a veteran of the cybersecurity space, specializing in governance, risk management and compliance, with over 22 years of total experience. He has helped more than 250 companies achieve compliance with ISO 27001, ISO 22301, SAMA, NESA and other frameworks. At Network Intelligence, he leads the GRC practice and ensures high quality of service delivery and customer satisfaction. He is also CISA certified.
Shrikant Antre, Practice Lead, Assessment
Shrikant started and has grown his career at the firm. Starting off as a penetration tester, Shrikant has nearly a decade of experience in security assessment, including hands-on work at some of our most prestigious clients. As the Practice Lead he now oversees all our most challenging projects related to red team assessments, bug bounty programs, critical infrastructure security assessments, etc.
Aniket Govilkar, MSSP Head
Aniket is a hands-on, roll-up-his-sleeves kind of business leader with keen attention to detail. He not only oversees our 24/7 SOCs in India and Dubai but also runs security monitoring, threat hunting, vulnerability management, threat intelligence, anti-phishing, SOC maturity assessment, and SIEM implementation projects.
Pushpa Redkar, Country Business Head
Pushpa joins us with an extensive 18 years of experience in the Indian IT industry. She has established business lines for an erstwhile security service provider running into multi-million-rupee business.
Deep Chanda, Business Head - Payments Security
Deep brings in over 13 years of sales and marketing experience in the cybersecurity space. Prior to joining NII, he led the Americas business for another PCI QSA company, and before that he was with American Express. At Network Intelligence, he focuses on growing our Payments Security Business.
Viral Trivedi, Head – Operations Americas & LATAM
Viral is responsible for managing NII's operations in the United States and LATAM, and also handles the Global ICS Business. He has over 20 years of experience in the cybersecurity advisory services space, with deep knowledge of Industrial Control Systems, Critical Infrastructure and IIoT. In his recent experience, Viral has assisted many industrial organizations with developing a cybersecurity blueprint for their digital transformation journey into Industry 4.0.
S Seshadri, Business Head – BCMS
S. Seshadri has experience that spans about 43 years, in the domains of BCM, IT and Banking & Financial Services. He was one of the pioneers in the IT Division of Canara Bank from 1984 till 1994. He is an Associate Fellow of The BCI, UK and an Approved Instructor for their 5-day GPG 2018 workshop leading to CBCI/MBCI certification for BCM professionals. He is also on the panel of BCI Assessors for evaluating MBCI/AFBCI applicants for BCI membership/upgrade, and on their Judging Panel for the yearly BCI Awards.
Manish Chaudhari, Practice Lead, PCI DSS and SSAE 16
Manish heads our PCI DSS practice and is widely regarded as an expert in the field. His areas of expertise and experience cover not just PCI DSS, but also PA DSS, PTS, and other standards and frameworks from the PCI Council, Visa and Mastercard. He also leads our SSAE 16 consulting projects and ensures clients build appropriate control frameworks.
Shrikrishna Manjrekar, Dy Principal Consultant
Shrikrishna has 20+ years of combined multi-disciplinary experience across Information Security and related areas. He holds 21 certifications, including QMS, ISMS, PCI DSS QSA, PA DSS, GDPR, Cloud Security Alliance Framework, IT & OT Security, and IT & IS Compliance, along with experience in auditing 200+ organizations (400+ man days) from 45+ industry verticals.
Amit Jain, Head of Finance
Amit heads our Finance division. He is a Chartered Accountant by profession. Before joining NII, he spent close to 11 years at Rolta India. Starting as a Senior Finance Manager at Rolta, he grew to the role of Associate Director at Rolta India. He has also worked for India Gypsum Ltd & Vidyut Metallics Ltd.
Consulting Services Portfolio
Assessment
• Web and Mobile Application
• Code Review
• Network Architecture
• Infrastructure Vulnerability Assessment
• IoT, Blockchain, Cloud Security
• Red Team Assessments
• Bug Bounty Programs
• Critical Infrastructure (ICS)
• Telecom Infrastructure
• ERP
GRC
• Cybersecurity Strategy
• Cybersecurity Maturity Assessment
• Risk Management
• Compliance Frameworks – NIST, GDPR, ISO 27001, PCI DSS, HIPAA, SSAE18, ISO 22301
• Business Continuity, IT Disaster Recovery, Crisis Management & Related Services
• Policies and procedures
• Security Awareness
• CISO-as-a-Service
Technology Services
• Security Architecture Implementation
• Infrastructure Security Hardening
• Secure Cloud Migration
• Security Solution Selection and Evaluation
• Security Solutions Implementation and Support – WAF, PIM, DLP, EDR, DAM
MSSP Service Portfolio
• Security Monitoring & Incident Response
• Active Threat Hunting
• Red Team Assessment
• Security Assessment (Network, Web & Mobile Applications)
• SOC Maturity Assessment and SIEM Optimization
• Anti-Phishing Pro-active Monitoring & Take Down Service
• Digital Forensics & Malware Analysis
• SOC Automation
• Device Management
Technology Coverage
• Security Monitoring
• Security Analytics & Active Threat Hunting
• Vulnerability Management
• Web Application Firewalls
• Privileged ID Management
• Next Generation Firewalls
• Endpoint Security
• Data Leakage Prevention
• Cloud Security
• OT Security
Marquee Clientele – US
• Leading analytics software company
• Leading Spear-Phishing Company
• Leading Backup Solution Provider
• Leader in unified procurement and supply chain solutions
• United Nations Children’s Fund
• Leading IT software vendor
• World Food Programme
• International Fund for Agriculture Development
• Leading Multinational Bank
• Global Telecom Major
• Walmart
• International Technology Giant
• Staples
• Volkswagen
• Leading Analytics Company
• Sony Corporation
• Hong Kong and Shanghai Banking Corporation
• Thomas Cook
• VFS Global
• Leading Credit Bureau
Marquee Clientele – Asia
• Largest Private Bank in the Country
• Top 3 Oil & Gas Companies
• Leading Online Trading Platform
• Large Oil and Gas Company
• Large business conglomerate
• Largest Stock Exchange
• 2nd Largest Stock Exchange
• Top 3 IT Vendors
• Large Pharmaceutical Company
• Top 5 Telecom Vendors
• Leading Media Conglomerate
• International Technology Giant
• Leading Local Search Engine
• Top 5 Private Banks in the Country
• Leading Analytics Company
• 2nd Largest Private Bank in the Country
• Top 5 Private Banks in the Country
• National Payment Switch
• Leading Online Travel Portal
• Leading Car Buying Portal
Marquee Clientele – South East Asia
• Leading Payment service provider
• Leading Information Technology and Services provider
• Largest Bank - Thailand
• Largest Bank - Mauritius
• Leading Retail Store in Australia
• Insurance service provider in Bangkok
• Call Centre Service provider - Philippines
• IT Service Provider - Philippines
• Global Call Centre - Philippines
• Australian Based Call Centre Service provider
• Insurance Service provider Philippines
• Computer & Network Service Provider
• Singapore Based IT Service Provider
• Tennis Australia
• Financial Service Provider - Australia
• Royal Thai Armed Forces
• Payment Service Provider
• Largest Bank of PNG
• Leading Logistics Service Provider - Australia
• Leading Thai Payment Service Provider
Marquee Clientele – EMEA
• 2nd Largest Bank in Saudi Arabia
• 2nd Largest Bank in UAE
• Large Global Front-Office Provider
• Large IT Vendor in Middle East
• Top 10 Banks of UAE
• National Carrier of Kuwait
• Top 10 Banks of UAE
• Top 5 Banks of Qatar
• Top 10 Banks of UAE
• Large IT Vendor in Middle East
• Top 10 Banks of UAE
• National Payment Switch of UAE
• Top 10 Banks of UAE
• UAE Government Entity
• Large Hospitality Group
• Large IT Vendor in Middle East
Why customers love us?
“Very glad to share with you that the NII team under the guidance of the Senior Security Consultant could support and make the WIFI security assessment a success without compromising on the security aspects and the patience in the countless discussions for WIFI security assessment. Would like to also acknowledge the good work done by Saurabh and Amit to make this happen.”
CISO - 2nd Largest Bank in India
“We would like to express our sincerest & heartfelt gratitude for the hard work, dedication, customer service & professionalism shown by the consultants during the recent stabilization exercise. All 3 of them rotated in 8 hour shifts, sacrificed their fun (during a company picnic) and came out of the way to help us, when we needed them the most. They really have gone above & beyond and for this, we request NII to send us a quotation for professional services for the amount of time they spent here during this exercise.”
CISO - Largest Bank in Dubai
“I am glad to intimate you that all the 3 personnel from NII (Abhishek, Deepak and Manish) have performed exceptionally well by showing great sense of dedication towards identification, follow up and closure of vulnerabilities. They have also been an example for other resources by being punctual everyday to office. It’s a pleasure to have these guys with us.”
Security Manager - Largest Bank in India
“The work related to this activity had coverage over Physical Security, Trading Systems, Network and Network Security; along with interactions with various people. However, the work also had an important part related to understanding the business we are in Stock Exchange; It was observed that [the Consultant] has been able to quickly learn and apply his knowledge and expertise to accomplish the verification of the business functions and requirements. This is rare and hence I am writing email of appreciation towards his work. We value his deployment for this project, his work has raised the bar of delivery expectations.”
CISO - Largest Stock Exchange
People Focus
• We wholeheartedly encourage all employees to pursue relevant opportunities to learn and enhance their skill-sets. We have our own Learning and Development portal which includes technical and non-technical study materials.
• Employees attend various security community events happening in their cities and also conduct sessions and present talks at such community meets (Bsides, OWASP, Null, etc.)
• Weekly internal knowledge sharing session on any cutting-edge topic, such as Blockchain, IoT, SCADA Security, etc.
• Training for new hires: All new hires have to attend compulsory training programs.
Staff Certifications
Certifications | Count
Certified Ethical Hacker | 119
Offensive Security Certified Professional (OSCP) | 15
Certified Information Security Consultant (CISC) | 131
Certified Information Systems Auditor (CISA) & Certified Information Systems Security Professional (CISSP) | 10
Associate Fellow of Business Continuity Institute (AFBCI by The BCI, UK) / Certified Business Continuity Professional (CBCP by DRI International USA) | 2
CREST Certified | 2
PCI DSS Qualified Security Assessor (QSA) | 6
ISO 27001 Lead Auditor / Lead Implementer / ISO9001 / ISO 14001 / ISO23001 / BS25999 / ITIL / ISO20000 / ISO22301 | 45
Cyberark/Imperva/QRadar/Arcsight Certified | 30
Certified Professional Hacker (CPH) / Certified Professional Forensics Analyst (CPFS) | 149
Case Study – Big Data Analytics for Security
Client: Amongst Top Private Sector Banks in India
The Need: Visa / MasterCard reported that the client’s ATM network has been breached putting 3.2Mn customers potentially at risk
Scope of work: Investigation at the ATM Switch (complex environment with multiple servers & firewalls along with an outsourced SOC)
01 Information Log
• 150 GB+ of logs on Day 1 & counting
• Varied log formats – at least 12 & counting
• Time pressure to analyse quickly & prove/disprove theories
• Client unwilling to send logs out of the network
02 Analytics Performed
• Failed Logins | Successful Logins | Processes executed | System Restart | Services Installed | Event Log cleared
• Schema Changes | Failed Logins | Successful Logins | All critical events
• Top Talkers | Top Destinations | Correlation with known IoCs | Entropy of destination domain names
• All changes | All critical events | Connectivity Ratios
• Frequency analysis of emails sent/received | Dump of all attachment names 2 months prior to the period of CPPs’ | Extract all attachments & conduct automated sandbox analysis
• Failed logins | Critical Kerberos events | Lateral movement signs | Changes to group policy
Log source labels shown: Database, Firewall, AD Logs
03 Findings
• Narrowed down to the main server compromised
• Attackers modus operandi and toolkit used found
• Worked backwards to find out the other servers that were compromised
• Results delivered within 72 hours of onsite investigation
Case Study – Red Team Assessment
Client: Amongst Top 3 Banks in UAE
Scope of Work:
• Red Team assessment to test Client’s defenses in a real world cyber attack scenario on their Retail & Corporate Internet Banking and Mobile Banking Systems
• Identify key loopholes in the security setup & action points to address them
• Build response, recovery and resiliency capability rather than traditional approach to identify, prevent & detect issues
Discovery: Map out systems and hunt for targets for compromise
Data Centre Capture:
• Compromise of Primary systems
• Capture of exposed data
Key Skills Used:
• Technical Hacking
• Physical Hacking
• Social Engineering
Infiltration Points:
• Headquarters / Bank Branches
• Internet Banking
• Users (Employees)
Exfiltration: Captured data sent to base in encrypted payloads
Key Findings
1. Access to senior management mailboxes
2. Access to customer financial transactions
3. Admin rights to SAP
4. Planted physical backdoor device in Client’s network
Key Strengths - NII
1. Fully Undetectable Malware
2. Social Engineering Skills
3. Hacking Skills
4. Team comprising of Bounty Winners
5. Usage of Pwn Plug to access network
Our Products
Features
It is an automated solution for security device rule configuration analysis, optimization and compliance readiness. With Firesec you can determine compliance levels to PCI DSS, CIS Security Benchmarks, and other standards, as well as determine insecure rules, redundant rules, and unused rules that can help significantly optimize the rule base. We support most of the major firewall, router, and switch vendors as well as the leading proxy products.
Analyze & Optimize rule bases
Uncover unused objects
Review Rules
Compliance Readiness
Customized user dashboard
Cherry pick reports sections
Configuration comparison
Log & Hit count Analysis
Multi-Vendor Support
It is an Elastic-powered big data platform for security analytics providing you the ability to mine massive amounts of data, do pattern detection, threat hunting and advanced forensics. The use cases are mapped to the MITRE ATT&CK framework and enable detection of advanced attacks on your organization.
Reduce false positives
Use cases mapped to MITRE ATT&CK framework
Scheduled reports and alerts
Discovery of bad actors via machine learning algorithms
Detect file-less malware and other adversary artefacts
Run advanced search and data discovery
Reports and Metrics
Capabilities
Threat Hunting
CISO Dashboards
Why partner with us
Constantly innovating and adding new services and capabilities to the portfolio
Agile and customer-friendly service delivery philosophy
Capability extends beyond web and mobile apps to IoT, Blockchain, Cloud, and Critical Infrastructure security
Team of 600+ cybersecurity professionals and growing at 40-50% CAGR
Our engagement philosophy is a partnership model rather than transaction-based
Focus on detail and personalised attention
Well-established delivery process with focus on quality and timeliness of delivery
Reference customers across geographies and industry including marquee names
Strong OEM partnerships
NEW YORK | DUBAI | MUMBAI | PUNE | DELHI | BENGALURU | SINGAPORE