1. Comprehensive Audit of Information Security (ECIS) with the development of a strategic long-term model for building the Bank's information security for 3-5 years, which allows assessing the practical security of IT systems and the degree of impact of ongoing and potential incidents on the business of companies.
2. Experimental assessment of the Company's security:(Pen Test and ASV Scan (Penetration Tests))
3. PCI DSS (certification and support): Jet Infosystems has the status of Qualified Security Assessor from the international community of the Payment Card Industry Security Standards Council (PCI SSC) and the status of Approved Scanning Vendor from PCI SSC,
4. Code analysis. Checking for security and hacking of mobile applications. Custom-built and customized business applications pose a serious security risk to businesses because they they usually contain vulnerabilities that attackers can exploit.
5. Supply of self code analysis products: Fortify, Checkmark, Solar inCode, PositiveTechnology, IBM SAppscan
6. WAF web perimeter security systems: Imperva, F5, Citrix, Fortinet.
7. NGFW: Fortinet
8. Anti-leakage systems – DLP: Infowatch, Semantec DLP, Digital Guardium
9. Sandboxes: TrendMicro (there are implementations in Azerbaijan), FireEye, CheckPoint, KATA etc.
10. Honeypot: TrapX, Illusive - a trap, a resource that is a bait for intruders. The goal of a Honeypot is to be attacked or tampered with.
11. User control: Infowatch PM, Veriato360.
12. PAM, Access control for privileged users - administrators: CyberArk, FUDO PAM, OneIdentity Safefuard, SB PAM (Netwrix).
13. Data encryption systems on media: PGP, Ivanti
14. Control and management of passwords: SpecOps (implementation in the leading bank of Azerbaijan)
15. Control of mobile devices (MDM): Mobile Iron, Citrix XenMobile, Good MDM, Blackberry, MAAS (IBM).
16. Protection of RBS systems: anti-fraud systems
17. Monitoring and managing information security events - solving the problem of non-transparency of information security for business and based on a hierarchy of performance metrics and an analytics system in the field of information security - Jet inVeiw Security.
18. IDM systems: control of access rights of OneIdentity users, (there is an implementation in Azerbaijan). The results of the implementation of access control solutions in numbers:
- the waiting time for obtaining access rights is reduced up to 20 times;
- 7-8 times reduction in the time of annual revision of the access rights of employees;
- 3-5 times less time required for authentication.
19. Internet access control systems: Blue Coat
20. SIEM systems (Network Security Event Monitoring): Micro focus ArcSight, IBM QRadar, Solarwinds
21. Information security management systems (ISMS), including analysis, development and implementation of information security management processes. ISMS allow you to optimize the budget for information security, increase the transparency of information security for business, as well as the level of security and maturity of the customer;
22. SOC Information Security Incident Center: (Security Operation Center)
23. Comprehensive audit of the Bank's IT infrastructure
24. Protect cloud services
25. Database protection: IBM Guardium, Imperva, Oracle Vault
26. Protection against attacks (DDoS, ZeroDay, etc.): Arbor, PaloAlto
27. Risk analysis and risk and business continuity management systems: GRC Archer
28. IPS/IDS (Intrusion Detection and Prevention System)
29. Anti-spam systems: Sonic Wall, Iron Port, Proofpoint
30. Audit and certification according to ISO 270001
31. FIM (File Integrety monitoring): File Integrity Monitoring is an internal control that performs the act of checking the file integrity of the NNT operating system, Solarwinds
32. IT inventory: Ivanty
33. Patch manager: control and automatic management of software updates in the network: Ivanty, MSoft
34. Search and control of vulnerabilities in the Network: Rapid 7, Tenable, Qualis
35. Control AD, E-mail, File server: Netwrix
36. Zero Trust Network Access (ZTNA)