PT.
Permata Anugerah Abadi (PAA) Founded in 2005 by a group of IT practitioners who have
expertise and experience in the field of integrated IT Solution.
Since 2018, PAA was acquired by Metrocom, we have tried to transform the solution for
Information Technology Security for our customers and develop solutions with the best and most
up-to-date expertise and experience. We are focusing on providing better services for our clients
and finding the best-fit solution with our many experienced technical staff.
PAA will become a problem solver, independent analyst, project manager, and trainer, with
experience in the use of Information Technology Security solution to create the company's
operation strategy more effective and competent.
Cybersecurity Solutions
OUR SOLUTIONS
Cyber Security Assessment Service
Cyber Security Consultant Service
Govern
To conduct:
• Risk assessment and recommendation
• Asset assessment and management
• Recommendation for Standard and
Procedure
Recover Identify
Cyber Security Compliance Improvement
• Scanning and enforce security standard
Automatically using:
• Penetration Testing
Respond Protect
• App Security Testing
• Vulnerability Assessment
Detect
Cybersecurity Solutions
OUR SOLUTIONS
Identity
IDAM
PAM
Govern 2FA/MFA
Data
DLP
Database Protection
Recover Identify Data Encryption
Tokenization
App
WAF
Mobile Application Protection
Endpoint
Anti Virus
EDR
XDR
Endpoint DLP
Respond Protect Network
Firewall
DDoS Protection
Anti Spam
SSL
Network DLP
Training and Awareness Intrusion Detection Systems (IDS)
Detect Table-top Exercise
Intrusion Prevention Systems (IPS)
VPN
Phishing programs Secure Web Gateway
Broadcast Cybersecurity Awareness NAC
Cybersecurity solutions training & certification Deep Packet Inspection
Cybersecurity Solutions
OUR SOLUTIONS
Continuous Monitoring and Incident Handling Govern
Experience Professional Service for:
• Security Operation Center (SOC) 24x7
Monitoring tools using SIEM
Recover Identify
• Cybersecurity Solution Monitoring Service
• Cyber Threat Intelligence
• Cyber Security Compliance Monitoring
• Incident Reporting, Detection, Response Team
• Back-up and Restore
Respond Protect
Detect
Proposal Teknis
Our Competencies
We adopt existing frameworks (NIST, ISO 27001, PMP, ITIL, COBIT &
TOGAF) and collaborate with clients to provide integrated strategic
solutions that align with the organization, designed to reduce risk, costs,
and eliminate gaps. Strong engineers, on-time project completion, and
competitive pricing.
Resource Competencies:
Customer Portfolio
Here are some of our significant experiences from our many IT Security solutions in variant industry.
Proposal
Telkomsel
Teknis
As a Leader on the Telco Industry in Indonesia, Telkomsel always requires the best technology solutions on the market to
accelerate the success of business goals. Since 2013 until now, we have been delivering our IT Security solutions for
Telkomsel's, such as IT Security Hardening Automation, Tokenization and Database Access Monitoring.
Bank CIMB Niaga
Since 2020, we have been trusted by CIMB Niaga Bank to protect 22 thousand endpoints, and until now, the number of
endpoints being protected is still increasing. Because they are very concerned about protecting their system from
malware or virus attacks that can cause damage to their system, especially now that ransomware attacks are increasing
and dangerous.
Adira Finance
Adira Finance has become a leading company in the financing sector that serves a variety of brands and products. We have
been delivering IT Security solution for Adira Finance for Asset Discovery & Management, and IT Security Hardening
Automation.
Customer Portfolio
Here are some of our significant experiences from our many IT Security solutions in variant industry.
Proposal Teknis
Komisi Pemberantasan Korupsi
KPK was established in 2002 and has since been highly effective in investigating and prosecuting corruption cases,
including those involving high-profile politicians and government officials. From 2021, we already helping and provide
cyber security services and solution to KPK for their DevSecOps, using Interactive Application Security Testing (IAST).
Telkom Indonesia
Telkom as the largest telecommunications services company in Indonesia, providing a wide range of services including
fixed-line telephony, mobile telephony, internet, and data communications. With the approaching deadline for compliance
for UU PDP No 27, we help Telkom with technology solution database activity monitoring.
Pertamina – Kilang Pertamina Internasional (PT KPI)
PT Kilang Pertamina Internasional is a Sub-holding Refining & Petrochemical PT Pertamina (Persero) which is strategic
holding company. We have delivered IT Security services, such as Security Posture Assessment, Vulnerability Assessment,
Penetration Testing, Day to Day operation and Security Awareness Training.
Customer Portfolio
Here are some of our significant experiences from our many IT Security solutions in variant industry.
Proposal Teknis
PT ASDP Indonesia Ferry
Since early 2023, we provide vulnerability assessment tools (for server and web application) and manage services to
ASDP, which is a state-owned enterprise responsible for managing ferry services in Indonesia, operating in over 40 ports
across the country. It plays a crucial role in connecting the many islands of Indonesia, facilitating the transportation of
people, vehicles, and goods.
BPJS Ketenagakerjaan
BPJS TK, as a Public Legal Entity directly accountable to the President of the Republic of Indonesia, provides protection for
workers to address specific socio-economic risks arising from employment relationships. Since 2023, we provide solutions
for data security in the form of Data Encryption and Privilege Access Management.
Our Customer
Here are our customers from various industry for IT Security solutions.
Proposal Teknis
PAA Experience
TELKOMSEL - Database Security Solution (2013 – Current)
Objective
• Help IT Security to monitor and alert of any database security
incidents;
• Help Telkomsel to ensure data privacy, protect against insider threats,
and enable regulatory compliance for any database installed in
Telkomsel environment;
• As long we have Database security tools, we can detect and find some
serious attacks on database.
IBM Guardium Data Protection Solutions
Implementations:
Manage Operations:
• Database security for more than 70 critical applications, which contain
• Daily Operation & Monitoring;
PII/FII data (Compliance to UU No. 27 year 2022)
• Install guardium agent for additional db server;
• Perform database security for 207 database servers:
• Update guardium agent when required after any updated db
⚬ protection against multiple database type:
or OS kernel;
■ PostgreSQL, MySQL, Oracle, Oracle Exadata; SQL Server
• Refresh, uninstall agent for inactive/un-used db server
⚬ protection accessing for unauthorized user/client
⚬ alerting for any suspicious activity based on security policy to SIEM
TELKOMSEL - Data Tokenization (2020 – Current)
Objective
• Help Telkomsel to protect customer data, particularly PII (personally
identifiable information)
• Full protection of PII data reducing risk of data misuse.
• Eliminate repetitive effort to mask data for each project involving
external party.
• Compliance with applicable laws and regulations.
IBM Guardium Tokenization Solutions
Implementations: Manage Operations:
• Perform tokenization PII on running data Business Intelligent (BI) • Daily Operation & Monitoring;
Datalake Platform. Protection data on Customer’s Name, Customer’s • Support BI Datalake Telkomsel for token and de-tokenization
Address, Customer’s date of birth, Customer’s NIK, Customer’s Passport process;
Number, Customer’s Maiden Name, Customer’s gender, Customer’s • Upgrade system for tokenization if needed
device geolocation, Customer’s Device info, MSISDN, phone numbers
• Perform tokenization data on the rest BI Datalake via Bulk Data
Transformation system
• Installation cache server to optimal performance process data token
and de-token
PEGADAIAN - Database Security (2021 – Current)
Objective
• To protect customer data, particularly sensitive data (PII, FII);
• Eliminate un-authorized user to get and read data, file from core
database
• Compliance with security applicable laws and regulations
IBM Guardium Data Encryption Solution
Implementations:
Manage Operations:
• Database security for 4 critical applications;
• Daily Operation & Monitoring;
• Provide solution to protect database:
• Provide policy for additional PII table and column;
⚬ Accessing to core database
• Provide policy for additional file encryption
⚬ Data masking for sensitive PII, FII data
• Perform encryption for data file transfer:
⚬ Prevent un-authorized to access and read the data dump file
• Provide policy and template for data protection and file encryption
Jasa Raharja – Database Security Tools (2023 – Current)
Objectives
• Setup Data Encryption in DC and DRC environment
• Perform setup and configuration of Data Redaction in DC and
DRC environments
Database Security Tools and Managed Service
Implementations: Managed Services:
• Installation and setup Oracle Advance Security with features of: • Babysitting for 3 months
⚬ File Encryption • Preventive Maintenance for 2 (Two) years
⚬ Data Protection
• Security Policy configuration at Database Application which refer to
Security Standards without impacting business process
• Rebuild and re-compile Procedure & Function on the existing
database so that it can be used from an existing application after
applying database security
TELKOMSEL - Security Hardening Solution (2020 – Current)
Objectives
• Cyber Attacks targeting computers and other digital systems continuously rise
• Automatically enforce security compliance to Telkomsel infrastructures with Ansible use CIS and ISMS as benchmark, in order to prevent
from attack surfaces , for example closing unnecessary port (robust configuration) from nmap scanning tool (attack surfaces) .
• Security Audit Compliance, currently Telkomsel has lack of security hardening enforcement in its more than 8000 infrastructure
environment and those lack of security hardening is non-compliance to Standard Information Security Management
Red Hat® Ansible® Solution
Implementations:
• Automate Security Hardening with Ansible for 4.700 prioritize servers (147 Critical Applications),
which contains PII/FII data and/or Public Facing;
• Installation & Configuration Red Hat® Ansible®;
• Develop Playbook Scan, Remediation, Rollback for 13 OS Variant base on TSEL Security Baseline and
CIS Benchmark;
• Develop Dashboard Monitoring using Grafana;
Manage Operations:
• Daily monitoring, Weekly Scanning Security Baseline;
• Perform remediation when a server is found that does not comply with the security baseline.
CIMB Niaga - Implementation Endpoint Detection Response
Solution (2020 – current)
Objective
• Limitations of CIMB Niaga's IT Security team in monitoring and
mitigating security holes in IT devices and servers so that they can be
exploited by malware, viruses and APTs
• CIMB Niaga's IT Security Team has Endpoint Detection Response (EDR)
tools to detect and provide an appropriate response when malware
activity is found on the CIMB Niaga network.
SentinelOne EDR Solutions
Implementations: Manage Operations:
• Deliver 16,000 Units of Endpoint Protection Platform Subscription • Daily Operation & Monitoring;
and Installation and Configuration of SentinelOne Management • Agent installation if there is a new device;
Server; • Uninstall Agent if any device is not used anymore;
• Installing EDR agent on all computer devices (desktops, laptops and • Upgrade Management Server version if any;
servers) using existing IBM BigFix; • Upgrade the Agent version if any.
• Setting Security Rules
KPK – Web Security Scanner (2021 – Current)
Objective
• Having a Web Scanner Vulnerability Tool software that can scan and
check web server and web application weaknesses quickly, besides that
this software must also be able to provide suggestions on what to do if
weaknesses are found on the website.
Synopsys Seeker Solutions
Interaction Application Security Test
Implementations: Maintenances:
• Installation and Configuration of Synopsys Seeker Server Enterprise; • Preventive Maintenance
• Synopsys Seeker agent installation; • Corrective Maintenance
• Web Application Tests;
• Create Report.
Alto Network – Firewall Managed Services (2018 – 2020)
Objective
• Perform Managed Services for Alto Network 3 Data Center sites
Managed Services for Alto Networks
Manage Operations:
• Network Maintenance
• Monitoring Network
• Network Configuration
• Network Troubleshooting
• Installation, Remote and Update Patches
• Operations reports
BAU Operational activities include such as:
• Firewall Security Policy configuration
• SSL VPN and Security Policy VPN configuration
• VLAN configuration
• Troubleshoot
• Backup Firewall, Router, Switch
• Etc.
Santini Group – Mail System & Security (2021 – Current)
Objective
• Migration of Mail System from Cloud to On-Premise for 100 accounts;
• Have a secure Mail System;
Fortinet & Zimbra Solutions
Implementations: Manage Operations:
• Zimbra Mail Server installation and configuration; • Daily Monitoring Fortigate & Fortimail;
• Migration of email accounts from Google to Zimbra Mail Server; • Addition or Reduction of Mail User;
• Fortigate Installation and Configuration; • Preventive & Corrective Maintenance;
• Fortimail Installation and Configuration. • Zimbra Mail Server version upgrade if available;
• Upgrade Fortigate & Fortimail firmware if any.
ASDP – Tools Vulnerability Scanner and Managed Service (2023
– Current)
Objectives
• Test and improve the security of each application so that the principles
of confidentiality, integrity and availability can be fulfilled properly
• Find vulnerability risks in the network and recommend appropriate
mitigation or remediation to reduce or eliminate the risks
• Provide an understanding of organizational assets, security systems and
risks faced, and reduce the possibility of cybercriminals attacking
company systems.
Tools Vulnerability Scanner and Managed Service
Implementations: Managed Services:
• Implementation Tenable Vulnerability Scanner tools: • Operational managed services for 8x5
⚬ On premise Tenable.sc for 500 assets • Qualified resource for managed services:
⚬ Cloud base Tenable.io for Web Application Scanning 5 (five) ⚬ Lead Project
FQDN ⚬ Senior Security
• Deliver recommended solutions for assets category criticality and ⚬ Junior Security
SOP for vulnerability findings • Scanning and Remediation for vulnerability findings
• Report scanning results and recommendation
ASDP – Switch and Access Points Devices (2022 – Current)
Objectives
• Availability of switches and access point devices that have been
integrated with the Fiber Optic LAN network infrastructure
• Increasing High Availability for LAN network connections
Switch and Access Points Devices
Implementations:
• Deliver and implement Switch and Access Points devices using H3C
at 10 level floors in ASDP new HQ
• Provide training for end-user for Switch and Access Points devices
Managed Services:
• Three years maintenance for:
⚬ Preventive Maintenance:
■ Periodic monitoring of the system
■ Make a findings report if there is a potential system mal-
function
■ Inform/recommend update version.
⚬ Corrective Maintenance