On Demand

Security TestingOverview

www.ivizsecurity.com

An IDG Ventures Company

iViZIndustry’s First

On Demand Penetration Testing Company

Industry’s First On Demand Penetration Testing Solution

Subscription based security testing solution for applications, networks & compliance

provides demand, comprehensive and cost-effective coverage

IDG Ventures FundedA top tier venture firm with over $4 Bil. investment whose

portfolio include Netscape and MySpace

Research RecognitionsStrong vulnerability research team credited with vulnerability

discovery in products of Microsoft, Intel, McAfee, IBM, AVG etc.,

Technology Recognitions

Globally recognitions from US Dept. of Homeland Security, Intel,

World Economic Forum, Red Herring, London Business School

etc.,

Strong Customer AdoptionLarge enterprises across various industry domains like Media,

Web, E-Commerce, Banking, Telecom, Government, Technology

and others

About iViZ

Security Challenges

Businesses Face

Security Challenges Businesses Face Today

Business Continuity

ComplianceManagement

BrandProtection

Prevent business disruption by protecting

critical IT assets

Manage ever growing compliance requirements

PCI, ISO-27001, SOX, HIPAA

Ensure safety of your application and

confidential customer data

Threat Landscape Is Increasing!

Even Secure Organizations Are Not Safe!

Threat Landscape Is Increasing!

Multi-Stage Attacks Are Harder To Detect

Critical Server

Non-Critical Server

Attacks Are Getting Complex

The Solution

Proactive Regular Security Testing Penetration Testing Ensures You Are Safe

Regular proactive Penetration Testing is needed to augment defensive security monitoring measures such as firewalls, IDS, IPS etc., especially in light of the rising level of targeted attacks

iViZ On Demand Penetration Testing

Applications | Networks | Compliance

Comprehensive | Cost-Effective | On Demand

iViZ Solution

On Demand

Application

Penetration Testing

On Demand

Network

Penetration Testing

On Demand

Compliance Reporting

Covers compliance like PCI, SOX, ISO-27001, HIPAA & more

SOX/HIPAA compliant penetration testing

ISO-27001 compliant quarterly penetration testing

Multi-Stage Attack Simulation to detect attacks missed in traditional testing

Expert analysis along with automated exploitation

Covers all 26 classes of WASC application vulnerabilities & OWASP Top 10

Expert analysis along with automated scanning

Business logic verification

Covers all CVE / NVDB / SANS Top 20 vulnerabilities as well as data leakage detection

Specialized Testing For Web 2.0 Technologies (AJAX, JavaScript, Flash, ActiveX etc.,)

Automated Exploitation And False Positives Elimination

PCI-DSS Scanning including compliance templates & auto fill-in from test results

Solution Highlight

Unique Multi-Stage Attack Simulation Technology detects all attack paths missed in traditional approach

iViZ Remote Security Operation

Center

Customer Network

On-Demand Portal

Internet

Secure iViZ Scan Cluster

Industry’s First Subscription Based On-Demand SolutionWorks over the Internet – Anytime - Anywhere

Solution Highlight

1

2

3

SCHEDULE TEST FROM ONLINE PORTAL

VIEW REPORTS ONLINE OR BY ENCRYPTED EMAIL

TEST CONDUCTEDAUTOMATICALLY

OVER THE INTERNET

1 2 3

Hybrid Testing :

Automated Scanning With Expert Analysis

Provides Superior Security Coverage

Solution Highlight

Expert Analysis & Validation

Automated Attack Simulation & Exploitation

Automated Vulnerability Assessment

•Expert analysis provides extra security coverage for all business logic vulnerabilities, complex hard-to-find vulnerabilities

•Automated exploitation removes all false positives as well as covers multi-stage attack paths and data-in-motion leakages

•Automated vulnerability scanning provides coverage for attack paths missed even in conventional testing

Superior

Coverage

iViZ Solution Benefits

Online Dashboard providing flexible scheduling, historical trends with powerful vulnerability management capability

MAS coupled with expert analysis helps in the detection of attack paths otherwise missed out in traditional testing and also eliminates the false positives

Monthly / Quarterly Subscription helps in providing higher ROI and lower TCO (Total Cost of Ownership)

On Demand Comprehensive Cost-Effective

On-Demand Portal Screenshots

Top 2 in Asia / Top 6 in World Top 100 in Asia Top 8 in World

Top 4 Emerging Company

Innovative Company Finalist Top 10 Hottest Startups Top 2 in India

Global Technology Recognitions

2007 2008 2006

2009 2008 2006

Hard Disk Encryption BIOS Antivirus

iViZ Research Recognitions

iViZ Vulnerability Research has discovered security vulnerabilities

in the following products

F-Prot version 4.6.8, Sophos

SAVScan 4.33.0, AVG for Linux

version 7.5.51, Avast for

Workstations v1.0.8, Bitdefender for

GNU/Linux version 7.60825, ClamAV

0.93.3

Microsoft Bitlocker/Vista (SP0),

SafeBoot Device Encryption v4,

Build 4750 and below

Hewlett-Packard 68DTT Ver. F.0D,

Intel Corp

PE94510M.86A.0050.2007.0710.1559,

Lenovo 7CETB5WW v2.05

iViZ Follows Responsible Disclosure Policy:1) Private vendor disclosure 2) Vendor coordinated public disclosure 3) No public proof of concept

Media/Online Telecom / Mobile Financial Services

Government Technology Others

Customers Across Broad Industries

Thanks

www.ivizsecurity.com

info@ivizsecurity.com