Scope Of work

IT Risk Assessment

Application Security Assessment

IT Risk Assessment

image4

Structured and systematic procedure, which is dependent upon the correct identification of hazards and an appropriate assessment of risks arising from them, with a view to making inter-risk comparisons for purposes of their control and avoidance. We will provide the service across the organization and put into account all information assets, including people.

Penetration Test

Application Security Assessment

IT Risk Assessment

image5

A legal attempt to breaking security controls. Our penetration testing service will provide an excellent view of the actual security state of the environment as well as the organisational security state. This may also remain a control of the organization to avoid bias and if need be TurtleTech will help selecting external Pentesters.

Application Security Assessment

Application Security Assessment

Application Security Assessment

image6

Auditing and testing of your applications while providing actionable recommendations to protect your environment before live deployment. We deliver all web application security findings to you to implement risk management procedures or a developer can assist in performing the implementations.

BCP/DR Testing

BCP/DR Testing

Application Security Assessment

image7

Measure the effectiveness of your BCP/DR plan. 

Configuration

BCP/DR Testing

User Awareness

image8

It will be our responsibility to make sure that security appliance are configured using best practice standard and are functional, and giving value to the organisation. 

User Awareness

BCP/DR Testing

User Awareness

image9

Endusers are first line of defense, if they are not cyber aware they can easily provide access to the attacker without knowing. 

Vulnerability Management

Vulnerability Management

Vulnerability Management

image10

A comprehensive full lifecycle vulnerability management to minimise overall exposure to threats for stronger compliance and improved protection.  

Cloud Security

Vulnerability Management

Vulnerability Management

image11

Cloud services are provided with little or no security provision. It is a responsibility of the client to implement and manage security in the cloud and must be in line with regulations and industrial standards.

PCIDSS

Vulnerability Management

SWIFT CSP

image12

Secure your network, protect cardholder information, and achieve PCI compliance. We submit PCI scanning compliance reports directly to your acquiring bank(s), so you can complete and submit SAQs online.

SWIFT CSP

Patch Management

SWIFT CSP

image13

SWIFT launched the Customer Security Programme (CSP) in 2017, which aims to improve information sharing throughout the community, enhance SWIFT-related tools for customers and provide a customer security control framework to reduce fraud and cybercrime.  

Patch Management

Patch Management

Patch Management

image14

A process that helps acquire, test and install multiple patches (code changes) on existing applications and software tools on a computer, enabling systems to stay updated on existing patches and determining which patches are the appropriate ones. 

SOC

Patch Management

Patch Management

image15

Accurately detects  and respond to sophisticated security threats with comprehensive threat intelligence and monitoring. Delivers 24x7 real-time monitoring, correlation and expert analysis of your environment, using our Counter Threat Platform to eliminate false positives and detect valid threats

Forensic Investigation

Forensic Investigation

Forensic Investigation

image16

We will investigate all digital related incidents and provide evidence as well as standing as expert witness in court of law. 

IT Audit

Forensic Investigation

Forensic Investigation

image17

It is in our interest to make sure that there are no IT Security audit related findings. 

Threat Hunting

Forensic Investigation

Security Strategy

image18

An exercise that keeps actively looking for threats in an IT environment to make sure that threat are detected and erradicated or mitigated on time. 

Security Strategy

Anti-Malware Management

Security Strategy

image19

Develop a clear, holistic, risk based, correct and suitable security strategy for client, supported by effective governance structures, is critical in ensuring success. 

User Access Reviews

Anti-Malware Management

Anti-Malware Management

image20

It will be Turtletech’s responsibility to actively monitor and verify the appropriateness of a users’ access to systems and applications based on an understanding of the minimum necessary for users to perform or support business activities or functions. 

Anti-Malware Management

Anti-Malware Management

Anti-Malware Management

image21

We will handle configuration and management of anti-viruses, anti-spam, memory attacks and more against endpoints.

image22

Security Posture Reporting and Recommendations

We will provide overall security status quarterly for client’s software and hardware, networks, services, and information. The report will include the following areas:

  • Security Culture
  • Vulnerability Management
  • Compliance
  • Incident Management
  • Governance
  • Risk Analysis
  • Auditing

On Enduser devices, physical security, Data, Servers, Identity access, networks and applications.