Prosegur Cybersecurity launches a new era as Cipher.
The cybersecurity team, now under the Cipher brand, introduces this project focusing in securing assets, IT systems, processes and, ultimately, individuals.
Cipher represents Prosegur's determination to lead the cybersecurity industry.
A truly specialist and recognized brand in cybersecurity
With an experience of 18 years in the market
With a global reach and presence in the United States
A team of professionals with the highest industry certifications
A more robust portfolio of security solutions with global leadership in the field of Managed Security Services
Greater investment in R&D
We have developed a line of services centred on incident prevention, detection and response.
Provide visibility, control and continuous monitoring.
Administration, operation and security infrastructure management.
Resolution of any type of security incident. Protection, detection and risk mitigation.
Monitoring and Correlation of Events
Supervision and management of client's IT Security infrastructures.
Focused on efficiency and service quality.
Vulnerabilities Management
Based on the cyclical practice of Identifying, Classifying, Remedying and Mitigating risks.
The services are focused on risk, as a set of quantifiable procedures that are responsible for continuously detecting and mitigating the risks generated by the security vulnerabilities.
Operation and Administration of the Security Infrastructure
THROUGH SOC:
We operate.
Assess.
Maintain and provide support to any security infrastructure.
Response to Incidents and Forensic Handling of Incidents
As a response to an incident, we follow these steps:
Preparation.
Identification.
Containment.
Eradication.
Recuperation.
Forensics.
Lessons Learned.
Outsourcing Services
Professionals available for any temporary Security, Cybersecurity and GRC need. From junior level to C levels (including virtual CISO / CIO / Head of Cyber Security).
Monitoring of the Customer's Security Centre.
Security Operation and Administration.
Incident response.
Training.
Monitoring of open, hidden sources and anonymous networks in the Deep Web. Analysis of data and information. Risks evaluation. Response proposals.
Identification of events related to information leaks, cyber attacks, cybercrimes and digital fraud.
Early detection of threats for illicit use of cyberspace.
Brand Protection
Administration of the company and the risk-related brand protection.
Early detection and response to any type of threat (including neutralised and deleted content).
Search for relevant data, information from digital press, forums, blogs that could represent a threat.
With specific surveillance technology: Information about Risks Map, List of Key Words, Semantic Analysis.
Real-time.
Monitoring of Digital Infrastructure Threats
Vulnerabilities Tracking and Advice:
Real-time mediation.
Risk level mediation.
Cyberthreats newsletter: Security warnings, cybernetic threat newsletters and publications.
Impact analysis + associated Action Plan.
Cyber Intelligence sources supply
Gathering and correlating intelligence information from + 100 intelligence sources.
Digital Fraud
Cybersquatting: Domain registration Monitoring.
IPs/Domain reputation.
Fraud malware prevention:
Detection and analysis of malware to identify malicious binaries.
SOCs witch access to global intelligence malware networks.
Prosegur CERT.
TECHNICAL AUDIT:
Organizations Support in risk identification and remediation.
Increase in the level of maturity and frameworks of Information Security control.
Forensic Digital Analysis to clarify an event that occurred in a IT equipments and preparation of an expert report.
Response to incidents (DFIR). Advanced management of security incidents both in OnPremise and Cloud systems.
Ethical Hacking
Holistic approach.
Methodologies such as OSSTM, OWASP and frameworks developed internally.
Analysis of:
White Software Box and Pentestings.
Black Box, Grey Box and Footprinting.
Red Team.
Social Engineering
We divide the services into three phases:
Recognition: Inclusion of search engines, collecting emails, DNS records, social media, metadata, public records.
Intrusion: Phishing attacks to get credentials and access to network levels.
Analysis and Reports: Analysis of the information gathered.
Security in applications: Static and Dynamic Analysis
Static Analysis: Discovering software vulnerabilities by auditing the source code without having to run the application.
Dynamic Analysis: Analysis of applications, extracting information from its dynamic and design through a controlled execution and without accessing the source code.
Security in Applications: Safe Software Development Life Cycle (SSDLC)
Safety from the start of the development using static and dynamic Code Analysis and Best Practice tools.
Compliance with requirements such as OWASP Top 10, OWASP Top 10 Mobile, NIST, PCI DSS and others.
DIGITAL FORENSICS:
Judicial computer experience
The objective is to clarify an event occurred in a computer or IT system, with the creation of a Forensics Report that can be presented Out of Court or in Court.
Digital DFIr service forensic and incident response
Main tasks are broken down into three phases: Collection of information, in-situ and operating procedures generation, both in OnPremise and laaS Cloud environments.
Multi-disciplinary team made up of different profiles: Ethical hackers, System-Network Administrators and Forensic Analysts, with the most relevant certifications in their field.
As an IT Emergency Response Team (CERT - CSIRT), we are able to contain threats, analyse malware and perform DDOS data analysis and forensic analysis.
SLAs and time banks, selected according to the customer's needs.
Bag of hours in 8x5 or 24x7 mode and SLA, selected according to the needs of the client.
Example of cases: Service Refusal, Malware Analysis, Information Leaks, Ransomware, Compromised Systems, Remediation Of Cloud Attacks, Intellectual Property Vulnerabilities, Regulatory Violations, Internal/External Intruder Test and Data Recovery.
Support in the normative and legal compliance of Information Security.
GAP analysis and action plans of Level of Risk.
Cybersecurity Technical office for risk management and resilience.
Regulatory and legal compliance
Personal data protection: LOPD, GDPR
Security certifications: ISO 27001, ISO 22301, PCI-DSS...
Legal compliance with cyber security: PIC, ENS, NIS...
Security Management
Security governance model (GRC).
Management, analysis and control of Cybersecurity risks.
Security office: global strategy, indicators, metrics, controls, resilience level, etc.
Information security services
Security Audits.
Guidance plans, business continuity plans, creation of procedures and policies.
Training and awareness.
Design and implementation of Cybersecurity solutions for protection and response to incidents.
Configuration and programming of Cybersecurity tools to reduce IT and OT risks.
Solutions design
Analysis of the Technical architecture security and status of current customer solutions.
GAP analysis between current situation and desired level of risk.
Design of technological architectures focused on protection and cybersecurity resilience.
Infrastructures implementation
Agreements with the main international Security software vendors.
Continuous research of new technologies.
Protection of the perimeter, job, in the cloud and OT installations.
Configuration and customisation
Configurations based on the customer's risks.
Collaboration with the Hacking Departments to create customized patterns.
Application of best-in-breed Project Management Methodologies.
Solutions Integration
.
Strategic Agreements
Company Certificates
Use of Cookies
Prosegur uses cookies to make statistics and help give you the best experience on our site showing related products according to your preferences. If you continue to use this site, we’ll assume that you’re happy to receive all cookies. Want to learn more about our cookies policy?