siem (security information & event management)
----------------------------------------------------------------------------------------------------------------------------- ------------- Copyright @ TechKnowGram Limited, All Rights Reserved Page 1 of 9
TechKnowGram Limited ISO 9001:2015 & ISO 27001:2013 Certified Company
[email protected] | www.TechKnowGram.com
Phone: +88 02 55008199 | Mobile: +88 01819250309
5/9 Block B, Suite B1, Lalmatia, Dhaka 1207, Bangladesh.
SIEM (Security Information & Event Management)
SIEM (Security Information & Event Management): Helps organizations recognize potential security threats and
vulnerabilities before they have a chance to disrupt business operations. Security information and event management
(SIEM) offers real-time monitoring and analysis of events as well as tracking and logging of security data for compliance
or auditing purposes. A highly efficient data orchestration system for managing ever-evolving threats as well as regulatory
compliance and reporting.
Vulnerability Management
Vulnerability Management: The process of identifying, categorizing, prioritizing, and resolving vulnerabilities in
operating systems (OS), enterprise applications (whether in the cloud or on-premises), browsers, and end-user
applications. An ongoing process, vulnerability management seeks to continually identify vulnerabilities that can be
remediated through patching and configuration of security settings.
Penetration Testing
Penetration Testing: An attempt to evaluate the security of an IT infrastructure by safely trying to exploit
vulnerabilities. These vulnerabilities may exist in operating systems, services and application flaws, improper
configurations or risky end-user behavior. Penetration, in this case, refers to the degree to which a hypothetical threat
actor, or hacker, can penetrate an organization's cybersecurity measures and protocols.
Privileged Access Management
Privileged Access Management: Strategies and technologies for exerting control over the elevated (“privileged”)
access and permissions for users, accounts, processes, and systems across an IT environment. PAM helps organizations
condense their attack surface, and prevent, or at least mitigate, the damage arising from external attacks
as well as from insider malfeasance or negligence.
Network Access Management
Network Access Management: Set of tools, processes and protocols that govern access to network-connected
resources. A multifaceted discipline that involves access control solutions for different types of resources, including
conventional PCs and servers, and also network routers, IoT devices and more.
Web Application Scanner
Web Application Scanner: Looks for security vulnerabilities by simulating external attacks on an application while the
application is running. Good at finding externally visible issues and vulnerabilities. This includes a number of security risks
from OWASP’s top ten, such as cross-site scripting, injection errors like SQL injection or command injection, path
traversal, and insecure server configuration.
Source Code Review
Source Code Review: A testing methodology that analyzes source code to find security vulnerabilities that make your
organization’s applications susceptible to attack. SAST scans an application before the code is compiled. It’s also known
as white box testing.
SSL Certificate:
Web Application Firewall
Web Application Firewall: Protects web applications from a variety of application layer attacks such as cross-site
scripting (XSS), SQL injection, and cookie poisoning, among others. Attacks on apps are the leading cause of breaches;
they are the gateway to your valuable data.
Anti DDOS
Anti DDOS: An Anti-DDoS solution built precisely to fight distributed denial-of-service attacks. Improves the user
experience by reducing page load times, all while maintaining 100% application uptime. Blocks attack traffic at the edge,
ensuring business continuity with guaranteed uptime, and no performance impact.
End Point Detection & Response
End Point Detection & Response: An integrated endpoint security solution that combines real-time continuous
monitoring and collection of endpoint data with rules-based automated response and analysis capabilities. An emerging
technology that addresses the need for continuous monitoring and response to advanced threats.
Data Loss Prevention
Data Loss Prevention: Makes sure that users do not send sensitive or critical information outside the corporate network.
Classifies regulated, confidential and business-critical data and identifies violations of policies defined by organizations or
within a predefined policy pack, typically driven by regulatory compliance such as HIPAA, PCI-DSS, or GDPR.
File Integrity Monitoring
File Integrity Monitoring: Technology that monitors and detects changes in files that may indicate a cyberattack. An IT
security process and technology that tests and checks operating system (OS), database, and application software files to
determine whether or not they have been tampered with or corrupted.
Insider Threat Detection
Insider Threat Detection: Creates time-based behavioral baselines and learns continuously, an effective way to
detect insider threats without generating high volumes of false-positive alerts. Get alerted about suspicious and restricted
activities in real time and react quickly to protect critical data.
Email Security
Email Security: Various techniques to secure sensitive information in email communication and accounts against
unauthorized access, loss, or compromise. The solution is especially important for organizations required to follow
compliance regulations, like GDPR, HIPAA or SOX, or abide by security standards like PCI-DSS.
SOC Automation & Orchestration
SOC Automation & Orchestration: The process of integrating a disparate ecosystem of SOC tools and processes to
automate tasks for simpler, more effective security operations. Security orchestration solves these problems by creating
harmony between processes and technologies, so that most day-to-day SOC tasks can be completed in a single console.
Policy Manager
Policy Manager: Managing your network security policy across on-premises firewalls and cloud security controls is a
delicate balancing act: on one hand, reduce risk by minimizing the attack surface; on the other hand, enable productivity by
provisioning connectivity for critical business applications. Simplifies and automates network security policy management.
Multi Factor Authentication
Multi Factor Authentication: An authentication method that requires the user to provide two or more verification
factors to gain access to a resource such as an application, online account, or a VPN. Enforcing the use of an MFA factor
like a thumbprint or physical hardware key means increased confidence that organizations will stay safe from cyber
criminals.
For More Information
TechKnowGram Limited
Suite: B1, Plot: 5/9, Block: B, Lalmatia Dhaka 1207, Bangladesh
Phone: +88 01819250309 | Email: [email protected] | URL: www.TechKnowGram.com