FPT CYBERSECURITY


SERVICES
 Table of
Content

How strong is your

cybersecurity game?
01 02

Our Principles in Security Services
Are you sure your system can stand attested the around 4000 attacks daily on the internet? (1) Cybersecurity for Application
Would you rather spend around $4 million (or $9.25 million if you're in healthcare sector) for a
breach or a way smaller amount preventing them? (2)

Would you risk the trust built between you and your customers with a breach or an attack? 03
Security Services
Are your 11% of IT budget on cybersecurity well spent? (3) for Cloud

Would you be well prepared for the response if you were breached or experienced a cyberattacked?

We are your
04 05
trusted partner
Security Services Why FPT?
for Cyber Operation

01
Ff
PT cybersecurity
CYBERSECURIT sYervices
SERVICES

Our principles in cybersecurity SECURITY SER ICES V

Eit er on premise or cloud your applications are sub ected to
h

cyber t reats
- , j

FOR PPLIC TIO

h .

A A N P rotecting your application means protecting your business ou . Y

may already be running one or more vulnerability scanners but

Alignment security priorities
,

t ey simply cannot uneart vulnerabilities like business logic

h h ,

aut ori ation and aut entication defects Is it a good idea to

h z , h .

Attack driven defense invest in your in ouse testing team r simply avoid t e
-h ? O h

Strategy comple ity by implementing a flimsy cybersecurity program

x ?

ur security services for application it compre ensive grasp of

Vendor agnostic
O w h h

Drive simplicity t e soft are development lifecycle DLC can assist in evaluating
h w (S )

and transforming your s ift left and Dev ec ps practices e

" h - " S O . W

simplify t e complications t at come along it cybersecurity so

h h w h

Information protection Operation you can go to market it ease and confidence

w h .

Continuous improvement

Assessment Factory
Embrace automation

Leverage native controls

Technical Security
O ur standardi ed package of uman e pertise processes and tec nologies
z h x ,

ensures t at security vulnerabilities are identified and fi ed before deployment

h

to save significant time and reduce comple ity x .

x
, h

01
Software defined Security A A
0
SL SH REMEDI TION TIME

B y providing intuitive straig tfor ard artifacts and prioriti ing

, h w , z

significant risk e elp uickly address t e security vulnerabilities

, w h q h
2

FPT SECURITY SERVICES PORTFOLIO

and remediate t em as rapidly as feasible
h .

A
0
ELEV TE DEVOPS

Dev ec p
S O ecurity Desig
S W e facilitate integrating security testing into t e Dev ps h O

Penetration Testin ecurity Engineerin

S pipeline ile maintaining velocity to give compre ensive
wh h 3
Security Testing & Microsoft ecurit
S
visibility and insig t into t e security of your applications
h h .

Assessment
ecurity osture evie
S P R
ecure oft are
ecurity oderni ation
S S w

Development Life Cycle S M z

Application Cloud
Security

Offer

Cyber Operation

Cybersecurity aturity Assessment

M

Security latform anagemen

P M

M anaged Detection and espons

R

Security peration Center as a ervice

O S

0 3
 fFPPT CYBERSECURIs
cybersecurity TYerSERVI
vices CES

Our Solution How we Do ’

Scanner can t thin k. They act upon existing patterns.

Everything we do is manually done, from the enumeration to vulnerabilities

discovery, exploitation and privileges escalation. We delve further and try to walk in

the hackers' shoes.

2.2 3.2
Cloud solution design Secure coding

Application security Any technique that we use will be covered in the final report and we make sure you
2.1 3.2 Code review
have the right remediation plan ahead .

Quality

2. Design 3. Coding Security

OSS

Software

Business
requirement Developmen t
Enumeration Vulnerability Penetration

Life Cycle Determine live hosts , Identification & Exploitation

, ,
open ports services and
User manual and automated Leverage manual
application surfaces
techniques to discover q
techni ues and public

vulnerabilities
exploits to gain a foothold
5. Deployment 4. Testing

White box
verification
Security
5.2 4.1 security testing

advisory AST/SAST
Compliance
5.1 4.2 D

Report Final Escalate

Software development phase What we offer
Report on the findings and Inspection Privileges
recommendation
Going over all aspects , More laterally and exploit
consolidate findings system and environment
Cloud security solution design
design k
wea nesses to elevate
Application security design privileges

Secure coding Source code revie

coding
Training class for OWASP top 10 Security defects

awarenes

Highly customizable execution Supported target

OSS defects

Whitebox security testing (Penetration testing with source code

Testing assisted
OWASP standard based test case Web application
Dynamic and static security analysis (DAST/SAST)

Time boxed manual security testing z k

Customi ed testing chec list for different targets Mobile application
OWASP verification standard (ASVS) (ATM, Banking, desktop app)
I
Digital AP applicatio

CVSS ris k scoring compatible system

Deployment Independent security verificatio Compliance gap k
Des top application
assessment and Standard and compliance combability
Security review: architecture and
configuration advisory

Greybox application assessment

z
Customi ed testing suite and fu zzing

03
 PT CYBERSECURITY
FfP SERVICES
cybersecurity services

SaaS Analytics and

SECURITY SERVICES Cloud is simple to access but difficult to secure.

Application Cloud Access

Orchestration

FOR CLOUD Your cloud provider has numerous security measures in place to
safeguard your data. However, do you comprehend your security
and data Security Broker

responsibilities in relation to this data flow? Are you aware of all SIEM
cloud-based workloads you operate? Are there systems in place
to help you scale effectively and safely?
PaaS
Our security services for cloud assist you down the path to secure Kubernetes Container Security Data Security

Identity and Access Management

modernization. We have been there before and determined to
assist your team in achieving a robust security posture.
SOAR
IaaS
Programming paradigm
01
Data
With our programmatic approach that includes all pillars of your cloud
journey, your organization achieves a more unified, long-term plan as
opposed to one-off projects or cloud security products. Applications WAF/RASP Use Case
Management

Vendor agnostic Workloads EDR/CWPP

02 Our toolkits and experts can easily assist your business with the
secure design, implementation and management of native,
hybrid, or multi-cloud environments. Networks EDR/CWPP

Cloud Platform Cloud Security Posture Management

03 Diverse portfolio
We construct offers for practically all dimensions of your
cloud environment.
What we offer

Security design
Security review
for Cloud Security Infrastructure
against Well
Governance posture as Code
Architecture
Platform and assessment development
Framework
Infrastructure

CI/CD and Development

Solution
Guardrail setup factory for
integration and
based on threat detection
deployment
OWASP ASVS and SecOps

05
fPT CYBERSECURITY
FPT cybersecurity services
SERVICES

Cyber security operation was never an easy game.



SECURITY SERVICES
Detection & Response as Service Detection & Response Augmentation
FOR CYBER OPERATION A robust security program requires more than simply
the appropriate technologies. Environment monitoring
also necessitates competent professionals, which have
long been the pain of many organization.

Our security services for cyber operation bridge the

gaps by delivering comprehensive solutions and AlertIQ - FPT SecOps Platform Expert engineers
services across all critical telemetry sources with data
driven technologies and human experts. Alert triage and management Security operation center
Detection engineering Detection & response team
Automated incident response Threat research team
Integration & tuning team
01 Increase efficiency and response speed Threat intelligence integration
Our security operation platform leverages data analytics and automation to Continuous improvement Service delivery management
streamline security operation tasks.

Certified security experts

02 Our experts provide certified management and support for all major
security product vendors, including Microsoft, Devo, Cybereason,
Splunk, and more.
Cloud platform Endpoint security Network security Identity

How we're Different

Focus on what matters
03 We look after your security devices so you can concentrate
your time and resources where they really count. We work with data differently

01 Not going with the traditional route of depending entirely on the alerts from your
security stack, our platform suppresses, enriches and correlates these alerts to reduce
noise and ensure what you get are threats that counted. We have successfully
What we offer reduced alert fatigue by 93% and mean-time-to-respond by 10X.

YOU SEE WHAT WE SEE

02
Managed
Managed
Detection and SOC as a Service Our stance on transparency has remained consistent from Day-1. With AlertIQ, you see
Vulnerability
Response exactly what our analysts see. What happened, the root causes and how to react, you get
all these information just like we do.

Your security journey matters to us

Microsoft
Sentinel
Management
Splunk
Management
03 Our dedicated team of experts welcomes you from the first engagement and provides
end-to-end managed support. Clear metrics to measure success are communicated
thoroughly and mindfully between FPT and you. Our pricing is predictable with no
complications. You deserve the best support system possible in this cyber war.
 Organization

Partners

Cybersecurity Experts