Information Security Awareness Service: It is the program that allows companies to raise awareness of information security and to adopt this awareness from the top managers to employees in the lowest staff. In this program, the attack attacks are simulated during the year, the reaction of the employees against attacks is recorded and trainings are given to employees for information security. Within the scope of the program, the progress of employees in the field of information security awareness is also followed through the interface. In this way, cyber risks due to human errors are reduced.
CIS Consultancy: CIS (Center for Internet Security Inc) is an institution that works with the common mind of the global information community by performing private and public institutions in the face of cyber security threats. There are 171 security controls listed under 20 main items that CIS recommends the application of Sans Institute within the scope of cyber security checks. A detailed report is created by providing these controls with expert consultancy of KoçSistem, which is authorized by CIS.
Security attack surface monitoring and analysis: After many factors, such as the spread of cloud -based software, the transition to SAAS applications and the rapid increase in IoT practices and the rapid increase in assets, businesses change the ways of approaching risk management and the security of digital assets. All these new technologies increase the attack surface and make it difficult for security teams to detect these inventories and thus protect them.
With the security attack surface monitoring and analysis service, all digital assets that are open to foreign companies are scanned regularly. Thus, the shadow It) is detected and unknown to the security units and controlled against the known weaknesses and security risk rating over an interface and Detailed reporting is made.
RED TEAM SERVICE: The aim of the red team service is to simulate the real attacks focused on critical powers, raising critical information from the institution, providing access to critical areas, and seizing critical powers rather than weakness. Unlike the infiltration test service, a limited number of people are informed of the institution in Red Team studies so that the actions of the information security teams and corporate systems can be measured and observed in the face of simulated attacks. At the end of the service, all action steps are reported on a day and time basis, the effects of the actions are presented with evidence, causes and images.
Mitre Attack Simulation Test
Event Intervention Consultancy Service: It is a service that covers the intervention and management of the process when an institution or organization encounters or encountering a security violation or cyber attack or after the encounter.
Pishing simulation: By simulating the attack attack, the reactions of the employees against this attack simulation are reported.
Cyber Intelligence Service: The data collected with the 'traditional intelligence methods' from the environments of the attackers is processed with the help of analysts into a report format where companies can take action quickly.
In addition to passive monitoring using cyber techniques in intelligence methods, it also includes steps that require high labor and knowledge, such as the fact that the attackers speak, their new methods, the stolen information they have in their hands and all other operational details.
Leakage test: It is a type of service that tries to find it open using various methods and aims to reveal the size of the risk that may arise by accessing systems through these deficits. This service simulates the threats that may come from inside and outside.
Continuous leakage test: Continuous leakage test is a service model in which your company's security openings are followed 24/7 as well as traditional infiltration test.
Vulnerability: It is a type of service in which the safety openings present in the system or network are revealed up to the application level. This screening service can be provided in the specified welding network segment and specified intervals.
