©2018 Network Intelligence. All Rights Reserved.
Network Intelligence
Corporate Profile
The Network Intelligence Story
2001 2003 2004 2007 2008 2011 2012 2014 2016 2017 2018
Team Size
Company
commences
its operations
Successfully developed
first set of automation
tools to differentiate
service offerings
Executed 1st International
project for Dubai Stock
Exchange
Won first US customer
(leading SIEM vendor)
Presentation on Detection and
Evasion of Web Application
Attacks at Blackhat conference
Awarded ISO 27001
Delivery and Training
Centres expanded
NII is a certified
PCI DSS QSA
MSSP Services
Launched
NII acquires Torrid
Networks
Operations in
Singapore started
NII receives $5
million in
funding from
New York based
Helix
Investments
valuing the
company at $22
million
Additional
offices and
partnerships
signed up in
UK, Europe and
Australia
Middle East
Operations
commenced
Training Division
Started
Year Team Size
2001 1
2003 5
2005 8
2007 10
2009 20
2011 30
2013 80
2015 170
2016 300
2017 400
2018 550
Big data platform for
Security Analytics –
launched
Organization Structure
PMO
Admin
IT
Subject Matter Experts
Consultants
EMEA
North America
India
APAC
Innovation & Research
Process Improvement
Development & Testing
Pre-Sales
Implementation & Support Services
Training Operations
Training Sales & Marketing
Training
Finance
Human Resource
Sales & Marketing
30 320 50 15 20 35 15
CEO
K. K. Mookhey
480+ Total Headcount
Security Monitoring
Incident Response & Threat Hunting
Vulnerability Management
Project Delivery Managed Security Services
Research & Development
Professional Services Training Support Services
Management Team & Board
KK Mookhey, Founder & CEO
KK provides the vision and direction for the firm, and has steered it from a one-man consulting shop started in 2001 to a global cybersecurity firm with an expansive portfolio of services. A technologist at heart, he enjoys dealing with complex security problems and developing solutions to client challenges. He is a qualified PCI QSA, CISA and CISSP.
Altaf Halde, Global Business Head
A seasoned cybersecurity professional with over two decades of experience in building businesses, Altaf spearheaded the South Asia business for Kaspersky for 7 years prior to joining the firm. In his previous stints he has run the India business for companies such as Sophos, Utimaco and others. Highly passionate about cybersecurity, he combines sharp business acumen with a keen sense of humor.
Deep Chanda, Business Head (Americas)
Deep brings over 13 years of sales and marketing experience in the cybersecurity space. Prior to joining NII, he led the Americas business for another PCI QSA company, and before that he was with American Express. At Network Intelligence, he focuses on growing our North America and LATAM business with special emphasis on PCI, MSSP, and Assessment services.
Munesh Ahuja, Global Delivery Head
Munesh brings more than 24 years of rich experience across multiple domains: Information Technology, Telecom, Business Process Outsourcing, BFSI and US Healthcare. Munesh is passionate about analysing data to build information while delivering successful customer stories. At Network Intelligence, he is responsible for delivery across our service lines of assessment, consulting and remediation. If Munesh is not at work, he is busy preparing for his next marathon.
Wasim Halani, Research & Development Head
Wasim started and has grown his career at the firm. Starting off as a penetration tester, Wasim started our research team in 2016, and since then has contributed significantly to new service lines, improvement of quality in existing service lines, and most importantly to the development of our big data platform with machine learning capability – BlueScope™. He also oversees the development team that works on Firesec™ – our security orchestration and automation platform.
David Danziger, Director
David Danziger is a Director of Helix Investments and also on the Board of Network Intelligence. He is also a co-founder and managing member of Culbro LLC. Mr. Danziger's previous experience was in marketing and finance. A graduate of Harvard College and Harvard Business School, Mr. Danziger serves on the boards of Griffin Industrial Realty Inc, TDBBS LLC, Med Emporium LLC and LearningMate Solutions Pvt. Ltd.
Consulting Services Portfolio
Assessment
• Web and Mobile Application
• Code Review
• Network Architecture
• Infrastructure Vulnerability Assessment
• IoT, Blockchain, Cloud Security
• Red Team Assessments
• Bug Bounty Programs
• Critical Infrastructure (ICS)
• Telecom Infrastructure
• ERP
GRC
• Cybersecurity Strategy
• Cybersecurity Maturity Assessment
• Risk Management
• Compliance Frameworks – NIST, GDPR, ISO 27001, PCI DSS, HIPAA, SSAE18, ISO 22301
• Policies and procedures
• Security Awareness
• CISO-as-a-Service
Technology Services
• Security Architecture Implementation
• Infrastructure Security Hardening
• Secure Cloud Migration
• Security Solution Selection and Evaluation
• Security Solutions Implementation and Support – WAF, PIM, DLP, EDR, DAM
MSSP Service Portfolio
Security Monitoring &
Incident Response
Active Threat Hunting
Red Team Assessment
Security Assessment
(Network, Web & Mobile
Applications)
SOC Maturity Assessment
and SIEM Optimization
Anti-Phishing Pro-active
Monitoring & Take Down
Service
Digital Forensics
& Malware Analysis
SOC Automation
Device Management
Technology Coverage
Security
Monitoring
Security
Analytics
Vulnerability
Management
Web Application
Firewalls
Privileged ID
Management
Next Generation
Firewalls
Endpoint
Security
Data Leakage
Prevention
Cloud
Security
Active Threat
Hunting
Marquee Clientele – Global
Leading analytics software company
Leading Spear-Phishing Company
Leading Backup Solution Provider
Leader in unified procurement and supply chain solutions
United Nations Children’s Fund
Leading IT software vendor World Food Programme
International Fund for Agriculture Development
Leading Multinational Bank
Global Telecom Major
Walmart International Technology Giant Staples Volkswagen
Leading Analytics Company
Sony Corporation Hong Kong and Shanghai Banking Corporation Thomas Cook
VFS Global Leading Credit Bureau
Marquee Clientele – Asia
Largest Private Bank in the Country
Top 3 Oil & Gas Companies Leading Online Trading Platform Large Oil and Gas Company Large business conglomerate
Largest Stock Exchange 2nd Largest Stock Exchange Top 3 IT Vendors Large Pharmaceutical Company Top 5 Telecom Vendors
Leading Media Conglomerate International Technology Giant Leading Local Search Engine Top 5 Private Banks in the Country
Leading Analytics Company
2nd Largest Private Bank in the Country
Top 5 Private Banks in the Country
National Payment Switch Leading Online Travel Portal Leading Car Buying Portal
Marquee Clientele – EMEA
2nd Largest Bank in Saudi Arabia 2nd Largest Bank in UAE Large Global Front-Office Provider Large IT Vendor in Middle East
Top 10 Banks of UAE National Carrier of Kuwait Top 10 Banks of UAE Top 5 Banks of Qatar
Top 10 Banks of UAE Large IT Vendor in Middle East Top 10 Banks of UAE National Payment Switch of UAE
Top 10 Banks of UAE UAE Government Entity Large Hospitality Group Large IT Vendor in Middle East
Why customers love us?
Very glad to share with you that the NII team
under the guidance of the Senior Security
Consultant could support and make the WIFI
security assessment a success without
compromising on the security aspects and the
patience in the countless discussions for WIFI
security assessment. Would like to also
acknowledge the good work done by Saurabh
and Amit to make this happen.
CISO - Large Bank
We would like to express our sincerest & heartfelt gratitude
for the hard work, dedication, customer service &
professionalism shown by the consultants during the recent
stabilization exercise. All 3 of them rotated in 8 hour shifts,
sacrificed their fun (during a company picnic) and came
out of the way to help us, when we needed them the most.
They really have gone above & beyond and for this, we
request NII to send us a quotation for professional services
for the amount of time they spent here during this exercise.
CISO – Large Bank
“I am glad to intimate you that all the 3
personnel from NII have performed
exceptionally well by showing great sense of
dedication towards identification, follow up
and closure of vulnerabilities. They have also
been an example for other resources by being
punctual everyday to office. It’s a pleasure to
have these guys with us.”
Security Manager – Large Ecommerce
Company
“The work related to this activity had coverage over Physical Security, Trading Systems, Network and Network Security; along with interactions
with various people. However, the work also had an important part related to understanding the business we are in Stock Exchange;
It was observed that [the Consultant] has been able to quickly learn and apply his knowledge and expertise to accomplish the verification of the
business functions and requirements. This is rare and hence I am writing email of appreciation towards his work. We value his deployment for
this project, his work has raised the bar of delivery expectations.”
CISO - Largest Stock Exchange
People Focus
• We wholeheartedly encourage all employees to pursue relevant opportunities to learn and enhance their skill-sets. We have our own Learning and Development portal which includes technical and non-technical study materials.
• Employees attend various security community events happening in their cities and also conduct sessions and present talks at such community meets (Bsides, OWASP, Null, etc.)
• Weekly internal knowledge sharing session on any cutting-edge topic, such as Blockchain, IoT, SCADA Security, etc.
• Training for new hires: All new hires have to undergo a compulsory training program.
Staff Certifications
Certifications Count
Certified Ethical Hacker 70
Offensive Security Certified Professional (OSCP) 12
Certified Information Systems Auditor 6
Certified Information Systems Security Professional (CISSP) 3
CREST Certified 2
PCI DSS Qualified Security Assessor (QSA) 6
ISO 27001 Lead Auditor / Lead Implementer 40
Cyberark/Imperva/QRadar/Arcsight Certified 20
Case Study – Big Data Analytics for Security
Client:
Amongst Top Private Sector
Banks in the country
The Need:
Visa / MasterCard reported
that the client’s ATM network
has been breached putting
3.2Mn customers potentially
at risk
Scope of work:
Investigation at the ATM
Switch (complex environment
with multiple servers &
firewalls along with an
outsourced SOC)
01 Information Log
• 150 GB+ of logs on Day 1 &
counting
• Varied log formats – at least
12 & counting
• Time pressure to analyse
quickly & prove/disprove
theories
• Client unwilling to send logs
out of the network
02
• Failed Logins | Successful Logins |
Processes executed | System
Restart | Services Installed | Event
Log cleared
• Schema Changes | Failed Logins |
Successful Logins | All critical
events
• Top Talkers | Top Destinations |
Correlation with known IoCs |
Entropy of destination domain
names
• All changes | All critical events |
Connectivity Ratios
• Frequency analysis of emails
sent/received | Dump of all
attachment names 2 months prior
to the period of CPPs’ | Extract all
attachments & conduct
automated sandbox analysis
• Failed logins | Critical Kerberos
events | Lateral movement signs |
Changes to group policy
Analytics Performed
DATABASE
Firewall
AD Logs
03 Findings
• Narrowed down to the main
server compromised
• Attackers' modus operandi and
toolkit used found
• Worked backwards to find out
the other servers that were
compromised
• Results delivered within 72
hours of onsite investigation
Case Study – Red Team Assessment
Client:
Amongst Top 3 Banks in the
country
Scope of Work:
• Red Team assessment to
test Client’s defenses in a
real world cyber attack
scenario on their Retail &
Corporate Internet Banking
and Mobile Banking
Systems
• Identify key loopholes in
the security setup & action
points to address them
• Build response, recovery
and resiliency capability
rather than traditional
approach to identify,
prevent & detect issues
Discovery
Map out systems and
hunt for targets for
compromise
Data Centre
Capture
• Compromise of Primary systems
• Capture of exposed data
Key Skills Used:
• Technical Hacking
• Physical Hacking
• Social Engineering
Infiltration Points:
• Headquarters / Bank Branches
• Internet Banking
• Users (Employees)
Exfiltration:
Captured data sent to base
in encrypted payloads
Key Findings
1. Access to senior management mailboxes
2. Access to customer financial transactions
3. Admin rights to SAP
4. Planted physical backdoor device in Client's
network
Key Strengths - NII
1. Fully Undetectable Malware
2. Social Engineering Skills
3. Hacking Skills
4. Team comprising of Bounty Winners
5. Usage of Pwn Plug to access network
Our Products
Features
It is an automated solution for security device rule configuration analysis, optimization and compliance readiness. With Firesec you can determine compliance levels to PCI DSS, CIS Security Benchmarks, and other standards, as well as determine insecure rules, redundant rules, and unused rules that can help significantly optimize. We support most of the major firewall, router, and switch vendors as well as the leading proxy products.
Analyze & Optimize rule bases
Uncover unused objects
Review Rules
Compliance Readiness
Customized user dashboard
Cherry pick reports sections
Configuration comparison
Log & Hit count Analysis
Multi-Vendor Support
It is an Elastic-powered big data platform for security analytics providing you the ability to mine massive amounts of data, do pattern detection, threat hunting and advanced forensics. The use cases are mapped to the MITRE ATT&CK framework and enable detection of advanced attacks on your organization.
Reduce false positives
Use cases mapped to MITRE ATT&CK framework
Scheduled reports and alerts
Discovery of bad actors via machine learning algorithms
Detect file-less malware and other adversary artefacts
Run advanced search and data discovery
Reports and Metrics
Capabilities
Threat Hunting
CISO Dashboards
Why partner with us
Constantly innovating and adding new services and capabilities to the portfolio
Agile and customer-friendly service delivery philosophy
Capability extends beyond web and mobile apps to IoT, Blockchain, Cloud, and Critical Infrastructure security
Team of 480+ cybersecurity professionals and growing at 40-50% CAGR
Our engagement philosophy is a partnership model rather than transaction-based
Focus on detail and personalised attention
Well-established delivery process with focus on quality and timeliness of delivery
Reference customers across geographies and industry including marquee names
Strong OEM partnerships
NEW YORK | DUBAI | MUMBAI | PUNE | DELHI | BENGALURU | SINGAPORE