Technology & Data Support
One Team, One Goal - Innovation & Transformation
Practice Leader
- Karan Gupta
- karangupta@spcnc.com
Karan spearheads the TRICS division at SPC with more than 15 years of experience in the field of Technology, Risk & Integrity Consulting, including extensive experience in implementation and consulting for ERP, CRM, HRIS, ISMS, EPS, DMS & PMS. Combining this with his expertise in risk management, SOP development, fraud risk framework and anti-money laundering, he and the dedicated Technology team provide end-to-end business strategy and technology implementation advisory to clients within the SPC ecosystem.
IT HELPDESK
Our IT Helpdesk service provides 24/7 support, ensuring seamless operation of your IT infrastructure by quickly resolving technical issues and minimizing downtime. With a team of experienced professionals, we offer comprehensive assistance to keep your business running smoothly.
Expectation Gap
- Real time Visibility not available for monitoring of End User Device.
- Not much Visibility into Application & Service Performance
- Proactive Problem Management is almost like a dream.
- High Number of Incidents.
- Large Number of Hop Counts to solve even a simple issue.
- High MTTR of Incidents & AHT for support calls.
- Low Number of First Call Resolutions (FCRs)
USER EXPERIENCE ENHANCEMENT
OUR DELIVERY MODEL
BUILDING BLOCK
Service Management
- ITSM, ITAM
- Remote, Compliance
- User Access Management
Endpoint Analytics
- Persona Management
- Holistic Proactive Automation
- Compliance
Operations BI
- Live Dashboards
- Reporting
- Compliance
Additional Defaults
- Chat Support Platform
- ACD / IVR with CTI
- Field Force Management - HFS Power Automate/ RPA
ANALYTICS & INTEGRATION
SPNX Consulting is a center of excellence that uses advanced analytics to create predictive insights and enable intelligent decision-making, helping organizations take proactive decisions and deliver results. Data analytics helps organizations examine data sets to find unseen trends, hidden patterns, and relationships, and to draw conclusions from the information they contain.
Our team of experts can help you capture data from different sources, sanitize it, and perform advanced analytics to create dashboards, filters, and MIS reports. We use tools including VBA & macro-based MS Excel, Python, JS Charts, Power BI and Tableau in a SQL-based environment.
Live dashboard-based customizable analytics help businesses
- Predict future, current, and past performance
- Make smarter and more timely decisions
- Facilitate real-time or visual sharing of vital information
- Leverage metrics or insights to make significant improvements
DATA DRIVEN DECISION MAKING
VULNERABILITY ASSESSMENT & PENETRATION TESTING
Co-managed Vulnerability management operations
Develop VM Governance Structure
- Understand the architecture, Network/IP distribution, existing processes & reports, existing security solutions, Device location, Connectivity, Application (in scope), SLAs
- Develop a structured VM program plan, Risks & Dependencies, Report type, formats & frequency, SOPs, Escalation Matrix, Roles & Responsibilities, etc.
- Develop process for managing workload via agile framework
Asset Discovery
- Periodic Asset Discovery scans, Asset grouping & Asset tagging
Scheduled Scanning & Reporting
- Perform Vulnerability Scanning, False positive analysis & removal
- Remediation Advisory, remediation co-ordination
- Visualizing threat data from the SOC analysts
- Determining susceptible assets and prioritizing vulnerability patches using threat intel advisory
- Vulnerability Scan report, Executive Management Report as per Customer directions.
PENETRATION TESTING SERVICES APPROACH
Define Scope
Discussion on In-Scope & Out-of-Scope Parameters
Enumeration / Recon
Passive & Active Information Gathering
Assessment Scanning
Identification & Validation of Vulnerabilities
Exploitation
Exploit True Vulnerability to gain unauthorized access
Post Exploitation
Escalate privilege level & extract the sensitive data
Reporting
Report all Findings with Remediation
TOOLS USED FOR VA&PT
ACUNETIX
Acunetix Vulnerability Management. Acunetix is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.
NESSUS
Nessus is an open-source network vulnerability scanner that uses the Common Vulnerabilities and Exposures architecture for easy cross-linking between compliant security tools. It employs the Nessus Attack Scripting Language (NASL),
BURP SUITE
Burp Suite is a Java-based Web Penetration Testing framework. It has become an industry standard suite of tools used by information security professionals to identify vulnerabilities and verify attack vectors for web-based applications.
NETSPARKER
Netsparker is an automated web application security scanner. Netsparker helps identify security flaws such as SQL Injection, Cross-site scripting, OS Injection and other vulnerabilities.
NMAP
The structured data is then used in reporting tools like Power BI and Praxis-Pro, which help visualize and analyze the information. It enables companies to make informed decisions based on clear, concise data reports.
DIGITAL TRANSFORMATION
Our partnership with Lakeside enables our IT team to gain a comprehensive view of your IT and employee digital health and to manage digital issues proactively, before the end user even notices, by automating the discovery & resolution of end-user issues at first touch and by accelerating & automating resolution of the most complex tickets.
Key Benefits Derived Are:
- Enhanced User Experience
- Improved Consumer Experience
- Persona-Based Catalogue Service
- Automation-Driven Self-Service Enhancements
- Faster Onboarding and Time to Market
- One IT - Higher Productivity and Effectiveness
- Always Available IT
- Improved MTTR and Average Handling
OUR SUP
- Holistic Approach
- Exclusive Boutique Partnership
- 360-Degree Relationship Building
- Leading in the Digital Workspace
- Unmatched Business & Data Understanding
- Certified SysTrack Resources
- Beta Program for Sensor Builder
Operational Model
MANAGED SOC & CYBERSECURITY OFFSHORING
UNDERSTANDING SCOPE OF SERVICES
Program and Governance Management
Vulnerability & Penetration Testing
- Vulnerability Management
- Configuration Assessment
- Infra VA scan with manual validation post scanning
- Re-testing post fixes implementation
- Configuration review against baseline standards
- Supporting infrastructure team on remediating backlog vulnerabilities
- Infra & Apps Penetration Testing
- Define Framework, Scope, Goals; Identify, Validate & Exploit Vulnerabilities/Misconfigurations
- Event based revalidation testing
Incident Response
- L3 Incident Response
- Detection and Analysis
- Post-Incident Activity
- RCA Validation
SIEM as a Service
- Eyes-on-glass Event Monitoring, analysis, triage, response
- 24x7 Real time Event Monitoring
- Security Event analysis and triage
- Log source onboarding, Verify and escalate validated incident based on severity
- Perform Threat Hunting and Intel analysis and reporting leveraging Existing SIEM
- Perform Threat research & remediation Plan
- Root Cause Analysis
- Playbooks and content engineering
- Orchestrate tasks and contextualization
MDR (SIEM) AS A SERVICE
We have thought through the key elements that come together to create a robust, proactive and prescriptive cyber SOC operation.
24x7 Operations Support
- 24x7 Security Monitoring, Response, Triage, and Threat Prevention Platform Support
- Identify log sources to be integrated with the SIEM tool for centralized monitoring
- Incident Response Framework
- RCA Validation
Log source onboarding and Use Case engineering
- Identify log sources to be integrated with the SIEM tool for centralized monitoring
- Leverage Name.'s methodical approach for seamless onboarding of log sources
- Leverage Name.'s ready-to-deploy library of 20,000 use cases mapped to the MITRE ATT&CK framework
- Playbook engineering leveraging Name.'s library of 200+ engineering playbooks
Threat Intel and Hunting
- Adopt the MITRE ATT&CK framework to improve threat detection
- Continuous Rule Engineering to enhance threat detection based on Threat Hunting
Automation
- To create a single pane of glass view of SOC Operations
- Playbook Engineering for automating key use-cases
- Threat Intel dissemination to Security tools