Scribd Logo
Upload

Welcome to Scribd!

  • Tjakrabirawa CyberSecurity Services 2022 v1.0

    Uploaded by

    Hammad Ahmad
    1 views33 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    1 views33 pages

    Tjakrabirawa CyberSecurity Services 2022 v1.0

    Uploaded by

    Hammad Ahmad

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 33

    TJAKRABIRAWA TEKNOLOGI INDONESIA

    Company Profile & Services Descriptions

    WWW.TJAKRABIRAWA.ID
    TJAKRABIRAWA INTRODUCTION

    2016 Founded

    10 +
    Experience
    YEARS

    DIVERSE Industry
    OUR CLIENTS
    CYBER
    DEVSECOPS AS
    SECURITY
    A SERVICE
    INSURANCE*

    TJAKRABIRAWA MANAGED MANAGED


    DECEPTION THREAT
    MANAGED SECURITY TECHNOLOGY* HUNTING

    SERVICE PROVIDER
    SERVICES BREACH
    ATTACK
    MANAGED
    SECURITY
    SIMULATIONS VALIDATION

    MANAGED
    THREAT
    INTELLIGENCE
    DEVSECOPS AS A SERVICE
    -- DETAILED TECHNICAL ASPECT --

    WWW.TJAKRABIRAWA.ID
    • INTEGRATE WITH CURRENT CI/CD
    PIPELINE
    • END TO END SECURITY SERVICES
    • EASY INTEGRATIONS (DAYS –
    WEEKS)
    • FLEXIBLE TOOLCHAIN OPTIONS
    • FIXED COST
    TYPE TRANSFORMATIONAL AS A SERVICE

    Implementation Time 1-3 Years 1 Week – 1 Month

    Toolchain Customizable – Maximum Customizable – Minimum


    Integrations Integrations
    Cost Varies on the Fixed cost
    implementations
    Flexibility Medium Maximum

    Reporting Customizable Customizable

    Deliverables Governance Security Assessment


    Architecture Reporting
    SOP
    Tool Chains
    Reporting
    KPI
    Roadmap
    Security Champions
    • STATIC ANALYSIS SECURITY TESTING
    (SAST)
    • SOURCE COMPOSITION ANALYSIS (SCA)
    • SOFTWARE BILL OF MATERIAL (SBOM)
    • CONTAINER SECURITY
    • DYNAMIC ANALYSIS SECURITY TESTING
    (DAST)
    • MANUAL PENTEST
    • TRIAGING
    • REPORTING & RECOMMENDATIONS
    MANAGED THREAT HUNTING
    -- DETAILED TECHNICAL ASPECT --

    WWW.TJAKRABIRAWA.ID
    CURRENT TYPICAL STATE /
    TRADITIONAL SOC MULTIPLE
    ALERT
    Threat Network
    Intelligence Security
    MULTIPLE
    MITIGATIONS

    MDM Endpoint
    Security Security ALERT MULTIPLE
    PROCESS

    Cloud Email MULTIPLE


    Security Security RESOURCES

    MULTIPLE
    TIME
    ALLOCATIONS
    FLOW

    Technology Alert
    •SIEM
    •EDR Contain Inform
    •NGFW Surface Threat
    Threat Intelligence Active Advanced Compromised Investigation
    •WAF Analysis & Alert
    Support Threat Hunting Asset, Scoping & Findings &
    •etc Prioritization
    Remediation Recommendations
    EXPERTISE AS A
    SOFTWARE
    ▪ Visibility into initial attack
    ▪ Accelerate detection and ▪ Visibility to network-based
    detection
    response across all endpoints threats like data exfiltration,
    backdoor communications, and ▪ Prevent malicious threats
    ▪ Scope and respond to the
    network abuse delivered through email
    whole incident
    ▪ Rapidly scope malicious activity ▪ Ingest and analyze 3rd party
    ▪ Quickly contain at the
    in network traffic logs
    endpoint
    ▪ Quickly respond to network ▪ See across multi-cloud
    ▪ Leverage built-in forensic
    incidents as they occur infrastructure
    tools
    MAIN COMPONENT (Public Cloud + SaaS providers
    + Private Cloud)
    ▪ Prevent Cloud credential abuse
    and cloud misconfiguration
    *ENDPOINT NETWORK EMAIL CLOUD
    SECURITY SECURITY SIEM
    SECURITY SECURITY

    TJAKRABIRAWA MANAGED THREAT HUNTING


    THREAT
    INTELLIGENCE

    TJAKRABIRAWA
    EXPERTISE &
    EXPERIENCE MANAGED DEFENSE
    PORTAL
    MANAGED SECURITY VALIDATION
    -- DETAILED TECHNICAL ASPECT --

    WWW.TJAKRABIRAWA.ID
    WORKFLOW

    Infrastructure – Web App – Mobile App

    ▪ Detailed Report Findings ▪ Continuous asset visibility


    ▪ Remediation Assistance ▪ Reduce cyber risk exposure
    ▪ Raising cybersecurity posture
    ARCHITECTURE
    Web Application Network Mobile Application Source Code
    Assessment Assessment Assessment Review

    TJAKRABIRAWA MANAGED SECURITY DASHBOARD


    USER REPORTING
    Testing & Proof of Concept
    REQUIREMENT
    Analysis Evidence REMEDIATION
    SCOPE & ASSISTANCE
    SCHEDULE Validation & Risk Rating
    MITIGATION
    Review Decisions ASSISTANCE
    MANAGED THREAT INTELLIGENCE
    -- DETAILED TECHNICAL ASPECT --

    WWW.TJAKRABIRAWA.ID
    COMPONENT

    Threat intelligence is data that Breach


    is collected, processed, and Machine
    Intelligence

    analyzed to understand a Intelligence

    threat actor’s motives, targets,


    and attack behaviors. Threat Operational
    & Adversary
    intelligence enables us to make Intelligence
    faster, more informed, data-
    backed security decisions and
    change their behavior from
    reactive to proactive in the fight
    against threat actors
    RICH & UP TO DATE THREAT
    INTELLIGENCE
    FLOW

    Threat Intel Sources

    TJAKRABIRAWA MANAGED TI
    DASHBOARD
    REPORTING
    Continuous Use Case
    Monitoring Integrations SIEM/NGFW RULE
    USER USE CASE
    REQUIREMENT IMPLEMENTATION DEEP ANALYSIS
    Validation & Risk Rating THREAT HUNTING
    ALERT BASED
    Review Decisions REPORT
    BREACH ATTACK SIMULATIONS
    -- DETAILED TECHNICAL ASPECT --

    WWW.TJAKRABIRAWA.ID
    ASSUMPTION BASED APPROACH
    CYBERSECURITY

    We Assume products
    We Assume
    are deployed –
    technology works as
    configured – and tuned
    vendor claimed
    properly

    We Assume people are We Assume changes to


    correctly handling the environment are
    events and processes properly understood,
    are efficient and communicated and
    effective implemented
    Which area can How to validate
    we improve / our defense
    reduce mechanisms

    Are we
    susceptible with Can we be
    the breach that breached by the
    KEY QUESTIONS happened to
    company ABC
    latest attack?

    Could Actor XYZ


    compromise our
    business
    ARCHITECTURE

    ACTORS
    • EMAIL
    • ENDPOINT
    • NETWORK
    • CLOUD
    REPORT SAMPLE
    CYBERSECURITY SERVICES
    -- DETAILED TECHNICAL ASPECT --

    WWW.TJAKRABIRAWA.ID
    Vulnerability
    Assessment &
    Audit & SERVICES
    Red Teaming
    Incident Handling Source Code
    Compliance Service & Response Review
    Penetration Testing

    Regulator
    Goal based On demand
    Basic security Compliance – Breach
    adversarial source code
    assessment Certification investigations
    simulations review
    Preparations

    PBI – POJK –
    Black-box, Grey- ISO27001 – NIST 18+ Language
    Real world TTP Fraud analysis
    box, White-box – OCIE Supported
    Cybersecurity

    Infrastructure - Cybersecurity
    Comprehensive Comprehensive
    Web App - Roadmap & Litigation Support
    Reporting Reporting
    Mobile App Project Mapping

    Comprehensive
    Reporting
    TECHNOLOGY PARTNER

    WWW.TJAKRABIRAWA.ID
    PT. Tjakrabirawa Teknologi Indonesia
    Manhattan Tower 12th Floor, TB Simatupang
    phone : 021-80641090 | Web: http://www.tjakrabirawa.id |
    Info : info@tjakrabirawa.co.id

    You might also like