Gujarat Forensic Sciences University

Transcription

1 Gujarat Forensic Sciences University Knowledge Wisdom Fulfilment

2 Cyber Security Consulting Services Secure Software Engineering Infrastructure Security Digital Forensics SDLC Assurance Review & Threat Modeling Secure Coding and Configuration Review Testing Risk Assessment Penetration Testing Network Vulnerability Assessment Infrastructure and System Hardening Cyber Security Governance and Complianace End-Point Security Forensic Imaging Computer Forensics Network Forensics Mobile Forensics Malware Detection and Analysis (NIST Compliance) Identify Develop an organizational understanding to manage Cyber Security risk to systems, assets, data, and capabilities. Protect safeguards to ensure delivery of critical infrastructure services. Detect activities to identify the occurrence of a cybersecurity event. Respond activities to take action regarding a detected cybersecurity incident. Recover activities to maintain plans for resilience and to restore any services that were impaired due to a cybersecurity incident

3 SECURE SOFTWARE ENGINEERING SDLC Assurance Risk Assessment is an integral part of today s complex business applications. A holistic, security review approach can evaluate the security posture of the application in every phase of the software development life cycle. GFSU approach can be used in parallel to application software development to cover the security reviews among different phases of SDLC. The application security risk assessment is to determine the overall security posture of the application. Application security risk assessment is mainly conducted as one of the important requirement from the application security/ regulatory requirement perspective. It is to identify and evaluate security gaps affecting confidentiality, integrity and availability of the application. Static Testing (SAST) Dynamic Testing (DAST) Application Secure code review is the process of auditing the source code for an application to verify whether the appropriate security controls are present in right place and to keep the work as intended & invoked in right place. GFSU offers best-in-class tools and manual analysis to carry out source code and configuration reviews. We make sure that all applications & Devices are running with best possible security coding standards and configurations, in-line with industry best practices & compliance requirements. Application security testing is an approach to explore uncover vulnerabilities in Web & Mobile Applications by performing dynamic security testing. It involves various web and mobile security concerns, technical issues with mobile platforms, application security policies and solutions. Application Security Testing can be performed in Tool Based security testing & Manual Security Testing Design Review & Threat Modelling Design & Architecture review focus on design phase of the application. Threat modelling is a structured approach that enables you to identify, quantify and address the security risks associated with an application. Threat modelling would help to ensure applications being developed with security built-in from the very beginning. I dream of a Digital India where Cyber S-ecurity becomes an integral part of our National Security. -- Narendra Modi

4 INFRASTRUCTURE SECURITY Network Vulnerability Assessment Penetration Testing Network devices are commonly targeted by hackers in order to threaten the entire network or to steal information. We help you to validate the configuration of various technology devices & platforms on your network as per best practices. We also help you to identify security issues and weak links in your network through network assessment. Current technology has given us access to huge amount of information on the web, mobile devices and simplified tasks like banking services, online shopping, paying utility bills. It has also given rise to the need for ethical hackers to battle cyber criminals. GFSU offer best-in-class tools and manual analysis to carry out Network penetration techniques, Application penetration techniques, Client-side exploitations, server-side exploitations and remediation controls. Infrastructure and System Hardening End-point Security Infrastructure and system hardening is the process of tuning all the network devices and servers to increase security and helps to prevent unauthorized access. We will ensure that the hardening standards are in place and in line with industry benchmarks and that your servers are patched and configured to comply with these standards. This would ensure that your network devices are secure and are proudly playing their role without any security misconfiguration thereby reducing the internal attacks too. Organizations today seek strategic approach for infrastructure and network security. GFSU helps you proactively address your organization s security needs with Infrastructure and Endpoint Security. With our services, organization gets extensive security expertise and security solution deployment experience coupled with efficient and cost-effective implementations. We help you maximize the value of your technology investments by securing your enterprise data and networks. Cyber Security Governance and Compliance Application security testing is an approach to explore cyber security requirements and uncover vulnerabilities in Web & Mobile Applications by performing dynamic security testing. It involves various web and mobile security concerns, technical issues with mobile platforms, application security policies and solutions. Testing can be performed in Tool Based security testing & Manual Security Testing Cyber crime is expected to cost the world $6 trillion annually by 2021, up from $3 trillion in Global spending on cyber security products and services to combact cyber crime will exceed $1 trillion cumulative over the next 5 years, from 2017 to 2021.

5 FORENSIC SERVICES Forensic Data Collection GFSU offers data collection services across a wide range of data sources and devices. Our field experts use industry standard forensic software and hardware to improve device acquisition speed and multiple options for write blocking in maintaining the integrity of data of each collection. Computer Forensics GFSU supports computer forensic based digital investigations in variety of fraud cases including data leakage, cyber-attack, malware incident and unauthorized access etc. Our latest forensic technology laboratory is equipped with high-end workstations that gives us the capability to effectively analyse legally defensible evidence. Mobile Forensics GFSU brings substantial experience to support hand held device investigations. In particular, we have helped many organizations to preserve mobile devices, provide forensic analysis, reporting of devices, perform data extraction and produce mobile device data into standard review formats. Our teams of specialists forensically collect mobile devices using industry standard tools and protocols that are tested and verified. Network Forensics We provide visibility into network attacks by offering scalable investigation for capturing and indexing of the network packets. Our professionals provide total visibility of network traffic allowing organization to perform historical analysis as well as to prepare against emerging trends. Data Recovery Using the array of technology our forensic professionals can recover information from computer hard drives and many other media types including active, deleted, hidden, lost or low encrypted files, file fragments and even files that were merely viewed but never saved. Malware Analysis At GFSU, malicious software will be analysed through a root-cause oriented approach. Our forensic tools help in assessing whether malware has been installed in compromised corporate systems or other systems may have been similarly affected. "Cyber security ventures predits there will be a ransomware attack on businesses every 14 seconds by the end of Global damage cost in connection with ransomware attacks are predicted to reach $ 11.5 Billion annually by 2019

6 About GFSU The Gujarat Forensic Sciences University is the world s first and only University dedicated to Forensic and allied Sciences. It was established by the Government of Gujarat through an act passed by the Gujarat Legislative Assembly dated 30th September, 2008 with an objective of fulfilling the acute shortage against increasing demand of forensic experts in the country and around the world. Evidently, the University became functional from July, 2009 onwards with various courses, scientific programs and training modules. The University was recognized by the University Grants Commission (UGC) as a State University under section 22 of UGC Act, 1956 to award degrees in May, It is located in the green and clean city of Gandhinagar which is the capital city of Gujarat state, a vibrant, industrious, safe and business friendly state of Indian sub-continent. Cyber Defence Center (CDC) Gujarat Forensic Sciences University Knowledge Wisdom Fulfilment Contact Us Gujarat Forensic Sciences University Sector 9, Gandhinagar , Gujarat India. dir_fs@gfsu.edu.in Mobile: