BSS against cybercrime
International cybersecurity experts from Cybersecurity Ventures has estimated that a cyber-attack occurs every 14 seconds in the world in 2019. Realizing the urgency of this topic for the financial industry and other business areas, BSS is actively developing its expertise and competencies in the field of information security. Moving to a new level, BSS offers services for the implementation of projects to protect information of various access levels. Today, these services are in demand in the banking sector more than ever. In particular, BSS conducts penetration tests to effectively identify security vulnerabilities, as well as information security auditing and consulting.
Penetration Tests, PenTest
Problem to be solved: every day new hacking tools appear on the darknet, dozens of new vulnerabilities are discovered in the software, hundreds of companies are attacked by hackers and are deprived of money and important data.
Solution: penetration test is the only way to really identify weaknesses in the security system. Our specialists are not limited to the standard set of tools, but emulate real attacks on the corporate infrastructure, which can lead to compromise.
Result: external, internal and sociotechnical pentest, analysis of Wi-Fi, web and mobile applications security, simulation of DDoS attacks, source code analysis, Red Team, and even testing of fraud scenarios: all that make it possible to find, fix and, ultimately, solve cybersecurity problems.
Audit and consulting
Problem to be solved: toughening requirements of the industry regulator (the CB) in the field of information security.
Solution: audit for compliance with standards, expert audit of information security, training and consulting for employees of information security departments, training of ordinary bank employees in the basics of personal and corporate information security. As part of the audit, BSS experts recommend best practices for the speediest achievement of the result — the required level of compliance or to achieve a new level of security for the system as a whole.
Result: compliance with the regulator’s requirements: 382-П (RUS), 683-П (RUS), 684-П (RUS) and other regulatory documents, such as GOST R 57580.1-2017.