iViZ Security is the industry’s first Software as a Service based on-demand penetration testing solution for applications, networks and compliance. Using this solution organizations can conduct comprehensive, regular penetration tests in a cost-effective manner and easily manage compliance requirements like PCI, SOX, ISO-27001, HIPAA etc.,
2. iViZ
Industry’s First
On Demand Penetration Testing
Company
3. About iViZ
Industry’s First On Demand Penetration Testing Solution
Subscription based security testing solution for applications, networks & compliance
provides demand, comprehensive and cost-effective coverage
IDG Ventures Funded
A top tier venture firm with over $4 Bil. investment whose
portfolio include Netscape and MySpace
Research Recognitions
Strong vulnerability research team credited with vulnerability
discovery in products of Microsoft, Intel, McAfee, IBM, AVG etc.,
Technology Recognitions
Globally recognitions from US Dept. of Homeland Security, Intel,
World Economic Forum, Red Herring, London Business School
etc.,
Strong Customer Adoption
Large enterprises across various industry domains like Media,
Web, E-Commerce, Banking, Telecom, Government, Technology
and others
5. Security Challenges Businesses Face Today
Business Compliance Brand
Continuity Management Protection
Prevent business Manage ever growing Ensure safety of your
disruption by protecting compliance requirements application and
critical IT assets PCI, ISO-27001, SOX, HIPAA confidential customer data
6. Threat Landscape Is Increasing!
Threat Landscape Is
Increasing!
Even Secure Organizations
Are Not Safe!
7. Attacks Are Getting Complex
Multi-Stage Attacks Are Harder To Detect
Critical
Server
Non-Critical
Server
9. Proactive Regular Security Testing
Penetration Testing Ensures You Are Safe
Regular proactive
Penetration Testing is
needed to augment
defensive security
monitoring measures such
as firewalls, IDS, IPS etc.,
especially in light of the
rising level of targeted
attacks
10. iViZ
On Demand Penetration Testing
Applications | Networks | Compliance
Comprehensive | Cost-Effective | On Demand
11. iViZ Solution
On Demand On Demand On Demand
Application Network Compliance Reporting
Penetration Testing Penetration Testing
Covers all 26 classes of WASC Covers all CVE / NVDB / SANS Covers compliance like PCI,
application vulnerabilities & Top 20 vulnerabilities as well as SOX, ISO-27001, HIPAA & more
OWASP Top 10 data leakage detection
Business logic verification Multi-Stage Attack Simulation PCI-DSS Scanning including
to detect attacks missed in compliance templates & auto
Specialized Testing For Web
traditional testing fill-in from test results
2.0 Technologies (AJAX,
JavaScript, Flash, ActiveX Automated Exploitation And SOX/HIPAA compliant
etc.,) False Positives Elimination penetration testing
Expert analysis along with Expert analysis along with ISO-27001 compliant
automated scanning automated exploitation quarterly penetration testing
12. Solution Highlight
Unique Multi-Stage Attack Simulation Technology
detects all attack paths missed in traditional approach
13. Solution Highlight
Industry’s First Subscription Based On-Demand Solution
Works over the Internet – Anytime - Anywhere
iViZ Remote Customer Network
Security Operation
Center
On-Demand
Portal 1
2
Internet
Secure iViZ
Scan Cluster
3
1 2 3
TEST CONDUCTED
SCHEDULE TEST FROM VIEW REPORTS ONLINE
AUTOMATICALLY
ONLINE PORTAL OR BY ENCRYPTED EMAIL
OVER THE INTERNET
14. Solution Highlight
Hybrid Testing :
Automated Scanning With Expert Analysis
Provides Superior Security Coverage
• Expert analysis provides extra
Expert Analysis & security coverage for all business
Validation logic vulnerabilities, complex
hard-to-find vulnerabilities
• Automated exploitation removes
Superior Automated Attack all false positives as well as covers
Coverage Simulation & Exploitation multi-stage attack paths and
data-in-motion leakages
• Automated vulnerability scanning
Automated Vulnerability provides coverage for attack
Assessment paths missed even in
conventional testing
15. iViZ Solution Benefits
On Demand Comprehensive Cost-Effective
Online Dashboard MAS coupled with expert Monthly / Quarterly
providing flexible analysis helps in the Subscription helps in
scheduling, historical detection of attack paths providing higher ROI and
trends with powerful otherwise missed out in lower TCO (Total Cost of
vulnerability traditional testing and Ownership)
management capability also eliminates the false
positives
17. Global Technology Recognitions
Top 2 in Asia / Top 6 in World Top 100 in Asia Top 8 in World
2007 2008 2006
Top 4 Emerging Company
Innovative Company Finalist Top 10 Hottest Startups Top 2 in India
2009 2008 2006
18. iViZ Research Recognitions
iViZ Vulnerability Research has discovered security vulnerabilities
in the following products
Hard Disk Encryption BIOS Antivirus
Hewlett-Packard 68DTT Ver. F.0D, F-Prot version 4.6.8, Sophos
Microsoft Bitlocker/Vista (SP0),
Intel Corp SAVScan 4.33.0, AVG for Linux
SafeBoot Device Encryption v4,
PE94510M.86A.0050.2007.0710.1559, version 7.5.51, Avast for
Build 4750 and below
Lenovo 7CETB5WW v2.05 Workstations v1.0.8, Bitdefender for
GNU/Linux version 7.60825, ClamAV
0.93.3
iViZ Follows Responsible Disclosure Policy:
1) Private vendor disclosure 2) Vendor coordinated public disclosure 3) No public proof of concept
19. Customers Across Broad Industries
Media/Online Telecom / Mobile Financial Services
Government Technology Others