PT.

Permata Anugerah Abadi (PAA) Founded in 2005 by a group of IT practitioners who have
expertise and experience in the field of integrated IT Solution.

Since 2018, PAA was acquired by Metrocom, we have tried to transform the solution for
Information Technology Security for our customers and develop solutions with the best and most
up-to-date expertise and experience. We are focusing on providing better services for our clients
and finding the best-fit solution with our many experienced technical staff.

PAA will become a problem solver, independent analyst, project manager, and trainer, with
experience in the use of Information Technology Security solution to create the company's
operation strategy more effective and competent.
 Cybersecurity Solutions
OUR SOLUTIONS
Cyber Security Assessment Service

Cyber Security Consultant Service

Govern
To conduct:
• Risk assessment and recommendation
• Asset assessment and management
• Recommendation for Standard and
Procedure
Recover Identify

Cyber Security Compliance Improvement

• Scanning and enforce security standard

Automatically using:

• Penetration Testing

Respond Protect
• App Security Testing

• Vulnerability Assessment
Detect
 Cybersecurity Solutions
OUR SOLUTIONS
Identity
IDAM
PAM
Govern 2FA/MFA

Data

DLP
Database Protection

Recover Identify Data Encryption

Tokenization

App

WAF
Mobile Application Protection

Endpoint

Anti Virus
EDR
XDR
Endpoint DLP

Respond Protect Network

Firewall
DDoS Protection
Anti Spam
SSL
Network DLP
Training and Awareness Intrusion Detection Systems (IDS)

Detect Table-top Exercise

Intrusion Prevention Systems (IPS)
VPN
Phishing programs Secure Web Gateway
Broadcast Cybersecurity Awareness NAC
Cybersecurity solutions training & certification Deep Packet Inspection
 Cybersecurity Solutions
OUR SOLUTIONS

Continuous Monitoring and Incident Handling Govern

Experience Professional Service for:

• Security Operation Center (SOC) 24x7

Monitoring tools using SIEM
Recover Identify
• Cybersecurity Solution Monitoring Service

• Cyber Threat Intelligence

• Cyber Security Compliance Monitoring

• Incident Reporting, Detection, Response Team

• Back-up and Restore

Respond Protect

Detect
 Proposal Teknis
Our Competencies
We adopt existing frameworks (NIST, ISO 27001, PMP, ITIL, COBIT &
TOGAF) and collaborate with clients to provide integrated strategic
solutions that align with the organization, designed to reduce risk, costs,
and eliminate gaps. Strong engineers, on-time project completion, and
competitive pricing.

Resource Competencies:
Customer Portfolio
Here are some of our significant experiences from our many IT Security solutions in variant industry.

Proposal
Telkomsel
Teknis
As a Leader on the Telco Industry in Indonesia, Telkomsel always requires the best technology solutions on the market to
accelerate the success of business goals. Since 2013 until now, we have been delivering our IT Security solutions for
Telkomsel's, such as IT Security Hardening Automation, Tokenization and Database Access Monitoring.

Bank CIMB Niaga

Since 2020, we have been trusted by CIMB Niaga Bank to protect 22 thousand endpoints, and until now, the number of
endpoints being protected is still increasing. Because they are very concerned about protecting their system from
malware or virus attacks that can cause damage to their system, especially now that ransomware attacks are increasing
and dangerous.

Adira Finance
Adira Finance has become a leading company in the financing sector that serves a variety of brands and products. We have
been delivering IT Security solution for Adira Finance for Asset Discovery & Management, and IT Security Hardening
Automation.
Customer Portfolio
Here are some of our significant experiences from our many IT Security solutions in variant industry.

Proposal Teknis
Komisi Pemberantasan Korupsi
KPK was established in 2002 and has since been highly effective in investigating and prosecuting corruption cases,
including those involving high-profile politicians and government officials. From 2021, we already helping and provide
cyber security services and solution to KPK for their DevSecOps, using Interactive Application Security Testing (IAST).

Telkom Indonesia
Telkom as the largest telecommunications services company in Indonesia, providing a wide range of services including
fixed-line telephony, mobile telephony, internet, and data communications. With the approaching deadline for compliance
for UU PDP No 27, we help Telkom with technology solution database activity monitoring.

Pertamina – Kilang Pertamina Internasional (PT KPI)

PT Kilang Pertamina Internasional is a Sub-holding Refining & Petrochemical PT Pertamina (Persero) which is strategic
holding company. We have delivered IT Security services, such as Security Posture Assessment, Vulnerability Assessment,
Penetration Testing, Day to Day operation and Security Awareness Training.
Customer Portfolio
Here are some of our significant experiences from our many IT Security solutions in variant industry.

Proposal Teknis
PT ASDP Indonesia Ferry
Since early 2023, we provide vulnerability assessment tools (for server and web application) and manage services to
ASDP, which is a state-owned enterprise responsible for managing ferry services in Indonesia, operating in over 40 ports
across the country. It plays a crucial role in connecting the many islands of Indonesia, facilitating the transportation of
people, vehicles, and goods.

BPJS Ketenagakerjaan
BPJS TK, as a Public Legal Entity directly accountable to the President of the Republic of Indonesia, provides protection for
workers to address specific socio-economic risks arising from employment relationships. Since 2023, we provide solutions
for data security in the form of Data Encryption and Privilege Access Management.
Our Customer
Here are our customers from various industry for IT Security solutions.

Proposal Teknis
PAA Experience
 TELKOMSEL - Database Security Solution (2013 – Current)

Objective
• Help IT Security to monitor and alert of any database security
incidents;
• Help Telkomsel to ensure data privacy, protect against insider threats,
and enable regulatory compliance for any database installed in
Telkomsel environment;
• As long we have Database security tools, we can detect and find some
serious attacks on database.

IBM Guardium Data Protection Solutions

Implementations:
Manage Operations:
• Database security for more than 70 critical applications, which contain
• Daily Operation & Monitoring;
PII/FII data (Compliance to UU No. 27 year 2022)
• Install guardium agent for additional db server;
• Perform database security for 207 database servers:
• Update guardium agent when required after any updated db
⚬ protection against multiple database type:
or OS kernel;
￭ PostgreSQL, MySQL, Oracle, Oracle Exadata; SQL Server
• Refresh, uninstall agent for inactive/un-used db server
⚬ protection accessing for unauthorized user/client
⚬ alerting for any suspicious activity based on security policy to SIEM
 TELKOMSEL - Data Tokenization (2020 – Current)

Objective
• Help Telkomsel to protect customer data, particularly PII (personally
identifiable information)
• Full protection of PII data reducing risk of data misuse.
• Eliminate repetitive effort to mask data for each project involving
external party.
• Compliance with applicable laws and regulations.

IBM Guardium Tokenization Solutions

Implementations: Manage Operations:
• Perform tokenization PII on running data Business Intelligent (BI) • Daily Operation & Monitoring;
Datalake Platform. Protection data on Customer’s Name, Customer’s • Support BI Datalake Telkomsel for token and de-tokenization
Address, Customer’s date of birth, Customer’s NIK, Customer’s Passport process;
Number, Customer’s Maiden Name, Customer’s gender, Customer’s • Upgrade system for tokenization if needed
device geolocation, Customer’s Device info, MSISDN, phone numbers
• Perform tokenization data on the rest BI Datalake via Bulk Data
Transformation system
• Installation cache server to optimal performance process data token
and de-token
 PEGADAIAN - Database Security (2021 – Current)

Objective
• To protect customer data, particularly sensitive data (PII, FII);
• Eliminate un-authorized user to get and read data, file from core
database
• Compliance with security applicable laws and regulations

IBM Guardium Data Encryption Solution

Implementations:
Manage Operations:
• Database security for 4 critical applications;
• Daily Operation & Monitoring;
• Provide solution to protect database:
• Provide policy for additional PII table and column;
⚬ Accessing to core database
• Provide policy for additional file encryption
⚬ Data masking for sensitive PII, FII data
• Perform encryption for data file transfer:
⚬ Prevent un-authorized to access and read the data dump file
• Provide policy and template for data protection and file encryption
 Jasa Raharja – Database Security Tools (2023 – Current)
Objectives

• Setup Data Encryption in DC and DRC environment

• Perform setup and configuration of Data Redaction in DC and
DRC environments

Database Security Tools and Managed Service

Implementations: Managed Services:
• Installation and setup Oracle Advance Security with features of: • Babysitting for 3 months
⚬ File Encryption • Preventive Maintenance for 2 (Two) years
⚬ Data Protection
• Security Policy configuration at Database Application which refer to
Security Standards without impacting business process
• Rebuild and re-compile Procedure & Function on the existing
database so that it can be used from an existing application after
applying database security
 TELKOMSEL - Security Hardening Solution (2020 – Current)
Objectives
• Cyber Attacks targeting computers and other digital systems continuously rise
• Automatically enforce security compliance to Telkomsel infrastructures with Ansible use CIS and ISMS as benchmark, in order to prevent
from attack surfaces , for example closing unnecessary port (robust configuration) from nmap scanning tool (attack surfaces) .
• Security Audit Compliance, currently Telkomsel has lack of security hardening enforcement in its more than 8000 infrastructure
environment and those lack of security hardening is non-compliance to Standard Information Security Management

Red Hat® Ansible® Solution

Implementations:
• Automate Security Hardening with Ansible for 4.700 prioritize servers (147 Critical Applications),
which contains PII/FII data and/or Public Facing;
• Installation & Configuration Red Hat® Ansible®;
• Develop Playbook Scan, Remediation, Rollback for 13 OS Variant base on TSEL Security Baseline and
CIS Benchmark;
• Develop Dashboard Monitoring using Grafana;

Manage Operations:
• Daily monitoring, Weekly Scanning Security Baseline;
• Perform remediation when a server is found that does not comply with the security baseline.
 CIMB Niaga - Implementation Endpoint Detection Response
Solution (2020 – current)
Objective
• Limitations of CIMB Niaga's IT Security team in monitoring and
mitigating security holes in IT devices and servers so that they can be
exploited by malware, viruses and APTs
• CIMB Niaga's IT Security Team has Endpoint Detection Response (EDR)
tools to detect and provide an appropriate response when malware
activity is found on the CIMB Niaga network.

SentinelOne EDR Solutions

Implementations: Manage Operations:
• Deliver 16,000 Units of Endpoint Protection Platform Subscription • Daily Operation & Monitoring;
and Installation and Configuration of SentinelOne Management • Agent installation if there is a new device;
Server; • Uninstall Agent if any device is not used anymore;
• Installing EDR agent on all computer devices (desktops, laptops and • Upgrade Management Server version if any;
servers) using existing IBM BigFix; • Upgrade the Agent version if any.
• Setting Security Rules
 KPK – Web Security Scanner (2021 – Current)

Objective
• Having a Web Scanner Vulnerability Tool software that can scan and
check web server and web application weaknesses quickly, besides that
this software must also be able to provide suggestions on what to do if
weaknesses are found on the website.

Synopsys Seeker Solutions

Interaction Application Security Test

Implementations: Maintenances:
• Installation and Configuration of Synopsys Seeker Server Enterprise; • Preventive Maintenance
• Synopsys Seeker agent installation; • Corrective Maintenance
• Web Application Tests;
• Create Report.
 Alto Network – Firewall Managed Services (2018 – 2020)

Objective
• Perform Managed Services for Alto Network 3 Data Center sites

Managed Services for Alto Networks

Manage Operations:
• Network Maintenance
• Monitoring Network
• Network Configuration
• Network Troubleshooting
• Installation, Remote and Update Patches
• Operations reports

BAU Operational activities include such as:

• Firewall Security Policy configuration
• SSL VPN and Security Policy VPN configuration
• VLAN configuration
• Troubleshoot
• Backup Firewall, Router, Switch
• Etc.
 Santini Group – Mail System & Security (2021 – Current)

Objective
• Migration of Mail System from Cloud to On-Premise for 100 accounts;
• Have a secure Mail System;

Fortinet & Zimbra Solutions

Implementations:
• Zimbra Mail Server installation and configuration;
• Migration of email accounts from Google to Zimbra Mail Server;
• Fortigate Installation and Configuration;
• Fortimail Installation and Configuration.
Manage Operations:
• Daily Monitoring Fortigate & Fortimail;
• Addition or Reduction of Mail User;
• Preventive & Corrective Maintenance;
• Zimbra Mail Server version upgrade if available;
• Upgrade Fortigate & Fortimail firmware if any.
 ASDP – Tools Vulnerability Scanner and Managed Service (2023
– Current)
Objectives
• Test and improve the security of each application so that the principles
of confidentiality, integrity and availability can be fulfilled properly
• Find vulnerability risks in the network and recommend appropriate
mitigation or remediation to reduce or eliminate the risks
• Provide an understanding of organizational assets, security systems and
risks faced, and reduce the possibility of cybercriminals attacking
company systems.

Tools Vulnerability Scanner and Managed Service

Implementations: Managed Services:
• Implementation Tenable Vulnerability Scanner tools: • Operational managed services for 8x5
⚬ On premise Tenable.sc for 500 assets • Qualified resource for managed services:
⚬ Cloud base Tenable.io for Web Application Scanning 5 (five) ⚬ Lead Project
FQDN ⚬ Senior Security
• Deliver recommended solutions for assets category criticality and ⚬ Junior Security
SOP for vulnerability findings • Scanning and Remediation for vulnerability findings
• Report scanning results and recommendation
 ASDP – Switch and Access Points Devices (2022 – Current)
Objectives
• Availability of switches and access point devices that have been
integrated with the Fiber Optic LAN network infrastructure
• Increasing High Availability for LAN network connections

Switch and Access Points Devices

Implementations:
• Deliver and implement Switch and Access Points devices using H3C
at 10 level floors in ASDP new HQ
• Provide training for end-user for Switch and Access Points devices

Managed Services:
• Three years maintenance for:
⚬ Preventive Maintenance:
￭ Periodic monitoring of the system
￭ Make a findings report if there is a potential system mal-
function
￭ Inform/recommend update version.
⚬ Corrective Maintenance