Web Service Security
The variety of modern web services— from online banking to arrangement of a visit to a doctor - is so wide that substantiated vulnerability analysis and flexible security approaches become a must-have. Our integrated approach includes:
- Web Application Firewalls (WAF) to detect and block web resource attacks on the application layer.
- DDoS protection tools.
- Vulnerability analysis services and tools that allow to optimize security systems configuration.
- Penetration testing - a proactive approach to vulnerability detection.
- Analysis of web application source code using specialized tools.
Conventional Information Security Solutions
We have a deep knowledge of all popular information security tools, such as email and web filters, antiviruses, firewalls, etc. We are familiar with a large spectrum of products from dozens of vendors, we help clients to choose the optimal solutions based on their requirements to functionality and cost, and assist in integration of these solutions into the existing infrastructure.
Web and Email Protection
Platytec offers solutions for blocking dangerous or undesirable web traffic from the world’s leading vendors.
Server, Workstation and Mobile Security
Endpoint protection tools, firewalls and antiviruses for workstations are the most popular information security products, and dedicated tools for protecting mobile access, virtual infrastructures and databases solve more specific tasks.
Network Protection
The tasks of intrusion detection and prevention are solved by firewalls, IDS/IPS and VPN solutions. Firewall management solutions enable the analysis and optimization of the sophisticated and sometimes contradictory settings and configurations issues that originate from a typically long history of a corporate network.
Access Management
An efficient access management system should enable control of all the stages of employee access to information resources and create no inconveniences for business users. We are ready both to solve separate access management tasks and implement integrated solutions, which include:
- IDM systems for identity and corporate application access management, as well as SSO tools.
- PIM solutions for controlling the administrators’ activities, access right limitation, suspicious activity tracking.
- Access right management tools for unstructured data storages (for example, file shares), and solutions for activity audit.
Fraud Protection
Fraud protection systems
These systems automatically detect fraud attempts using the digital footprint that inevitably remains in information systems, and immediately spread the alarm. We know the fraud scenarios used in retail, logistics, and banking, and we use this knowledge to develop effective anti-fraud systems designed to detect real-life threats.
Fraud protection systems
These systems automatically detect fraud attempts using the digital footprint that inevitably remains in information systems, and immediately spread the alarm. We know the fraud scenarios used in retail, logistics, and banking, and we use this knowledge to develop effective anti-fraud systems designed to detect real-life threats.
Contractor Verification Systems
These solutions can be used to check a large number of contractors automatically by comparing and matching data from various sources. Our experts understand the specifics of verification in various industries and know how to use their competences in the systems they develop.
Protection From Targeted Attacks
The attacks targeted at particular organizations or companies are planned and executed in such a way that the standard security tools are unable to detect a threat. We offer our clients specialized tools for targeted attack detection. They launch suspicious code in a sandbox (isolated environment) and analyze abnormal network activity.
Critical Infrastructure and Industrial Security
The main information security task in manufacturing industries is ensuring continuity and safety of technological processes. Although there are a lot of specific solutions for controllers, sensors and control devices, such as fool proofing or physical isolation of critical systems, the risks typical for non-industrial systems (such as viruses and attacks) are becoming more common for plant control systems now due to the increasing use of conventional networking and software solutions (i.e. Ethernet and Windows) in industrial applications. Our vulnerability audit service for industrial systems allows to quickly developing a pilot project at a minimal cost, as it does not require the elaboration of project details or collection of vendor recommendations.
DLP and Access Right Management
We implement all the types of systems that provide data leak and unauthorized access protection:
- DLP - the technologies that prevent data from leaking beyond the corporate perimeter.
- IRM systems that limit the document access rights and log user activities.
- Other solutions, such as secure file storages, encryption and information classification tools.
Compliance
Many of our clients need to prove the compliance of their activities with the information security regulations, including the regulations on personal data protection. We offer and deploy certified information security tools, implement business processes, ensure corporate governance, and help clients to pass certification.
Information Security Operations Centers
At a certain IT maturity level, organizations need to establish a centralized information security operations management system. Such a center provides a full vision of the current state of information security assets, enables elimination of non-conformances in due time and ensures the required information security level. The main functions of such a center are:
- Event monitoring, user activity audit, vulnerability management.
- Incident management.
- Monitoring the compliance with legislative requirements and standards.