iviz profile
DESCRIPTION
iViZ Security is the industry’s first Software as a Service based on-demand penetration testing solution for applications, networks and compliance. Using this solution organizations can conduct comprehensive, regular penetration tests in a cost-effective manner and easily manage compliance requirements like PCI, SOX, ISO-27001, HIPAA etc.,TRANSCRIPT
On Demand
Security TestingOverview
www.ivizsecurity.com
An IDG Ventures Company
iViZIndustry’s First
On Demand Penetration Testing Company
Industry’s First On Demand Penetration Testing Solution
Subscription based security testing solution for applications, networks & compliance
provides demand, comprehensive and cost-effective coverage
IDG Ventures FundedA top tier venture firm with over $4 Bil. investment whose
portfolio include Netscape and MySpace
Research RecognitionsStrong vulnerability research team credited with vulnerability
discovery in products of Microsoft, Intel, McAfee, IBM, AVG etc.,
Technology Recognitions
Globally recognitions from US Dept. of Homeland Security, Intel,
World Economic Forum, Red Herring, London Business School
etc.,
Strong Customer AdoptionLarge enterprises across various industry domains like Media,
Web, E-Commerce, Banking, Telecom, Government, Technology
and others
About iViZ
Security Challenges
Businesses Face
Security Challenges Businesses Face Today
Business Continuity
ComplianceManagement
BrandProtection
Prevent business disruption by protecting
critical IT assets
Manage ever growing compliance requirements
PCI, ISO-27001, SOX, HIPAA
Ensure safety of your application and
confidential customer data
Threat Landscape Is Increasing!
Even Secure Organizations Are Not Safe!
Threat Landscape Is Increasing!
Multi-Stage Attacks Are Harder To Detect
Critical Server
Non-Critical Server
Attacks Are Getting Complex
The Solution
Proactive Regular Security Testing Penetration Testing Ensures You Are Safe
Regular proactive Penetration Testing is needed to augment defensive security monitoring measures such as firewalls, IDS, IPS etc., especially in light of the rising level of targeted attacks
iViZ On Demand Penetration Testing
Applications | Networks | Compliance
Comprehensive | Cost-Effective | On Demand
iViZ Solution
On Demand
Application
Penetration Testing
On Demand
Network
Penetration Testing
On Demand
Compliance Reporting
Covers compliance like PCI, SOX, ISO-27001, HIPAA & more
SOX/HIPAA compliant penetration testing
ISO-27001 compliant quarterly penetration testing
Multi-Stage Attack Simulation to detect attacks missed in traditional testing
Expert analysis along with automated exploitation
Covers all 26 classes of WASC application vulnerabilities & OWASP Top 10
Expert analysis along with automated scanning
Business logic verification
Covers all CVE / NVDB / SANS Top 20 vulnerabilities as well as data leakage detection
Specialized Testing For Web 2.0 Technologies (AJAX, JavaScript, Flash, ActiveX etc.,)
Automated Exploitation And False Positives Elimination
PCI-DSS Scanning including compliance templates & auto fill-in from test results
Solution Highlight
Unique Multi-Stage Attack Simulation Technology detects all attack paths missed in traditional approach
iViZ Remote Security Operation
Center
Customer Network
On-Demand Portal
Internet
Secure iViZ Scan Cluster
Industry’s First Subscription Based On-Demand SolutionWorks over the Internet – Anytime - Anywhere
Solution Highlight
1
2
3
SCHEDULE TEST FROM ONLINE PORTAL
VIEW REPORTS ONLINE OR BY ENCRYPTED EMAIL
TEST CONDUCTEDAUTOMATICALLY
OVER THE INTERNET
1 2 3
Hybrid Testing :
Automated Scanning With Expert Analysis
Provides Superior Security Coverage
Solution Highlight
Expert Analysis & Validation
Automated Attack Simulation & Exploitation
Automated Vulnerability Assessment
•Expert analysis provides extra security coverage for all business logic vulnerabilities, complex hard-to-find vulnerabilities
•Automated exploitation removes all false positives as well as covers multi-stage attack paths and data-in-motion leakages
•Automated vulnerability scanning provides coverage for attack paths missed even in conventional testing
Superior
Coverage
iViZ Solution Benefits
Online Dashboard providing flexible scheduling, historical trends with powerful vulnerability management capability
MAS coupled with expert analysis helps in the detection of attack paths otherwise missed out in traditional testing and also eliminates the false positives
Monthly / Quarterly Subscription helps in providing higher ROI and lower TCO (Total Cost of Ownership)
On Demand Comprehensive Cost-Effective
On-Demand Portal Screenshots
Top 2 in Asia / Top 6 in World Top 100 in Asia Top 8 in World
Top 4 Emerging Company
Innovative Company Finalist Top 10 Hottest Startups Top 2 in India
Global Technology Recognitions
2007 2008 2006
2009 2008 2006
Hard Disk Encryption BIOS Antivirus
iViZ Research Recognitions
iViZ Vulnerability Research has discovered security vulnerabilities
in the following products
F-Prot version 4.6.8, Sophos
SAVScan 4.33.0, AVG for Linux
version 7.5.51, Avast for
Workstations v1.0.8, Bitdefender for
GNU/Linux version 7.60825, ClamAV
0.93.3
Microsoft Bitlocker/Vista (SP0),
SafeBoot Device Encryption v4,
Build 4750 and below
Hewlett-Packard 68DTT Ver. F.0D,
Intel Corp
PE94510M.86A.0050.2007.0710.1559,
Lenovo 7CETB5WW v2.05
iViZ Follows Responsible Disclosure Policy:1) Private vendor disclosure 2) Vendor coordinated public disclosure 3) No public proof of concept
Media/Online Telecom / Mobile Financial Services
Government Technology Others
Customers Across Broad Industries