Manage risk in your organization by identifying vulnerabilities through Spentera security assessment services. Ensure that technologies and policies are securely designed by sitting down and talking to our consultants. Rest assured with the support of the best minds in the industry.Our Approach
Spentera validates the control and implementation of existing security and risk measures by performing demonstrations of activities that are unknown in the networks, systems and attacks on application as part of a security testing in a safe and controlled manner.
When testing is complete, you will receive detailed maps that prioritize security weaknesses in systems and networks environment of your application.
- Determine weakest points of the application, system and network infrastructure from the external or internal perspective.
- Reducing the security threat to information systems, networks, and use of applications within the enterprise. Using a combination of hacking techniques which is done manually or by using commercial tools to produce accurate output.
- Spentera prioritizes the quality and maximum results for each findings We use the best known world methodology to satisfy the entire security assessment process. All the penetration testing processes are conducted by our experienced people.
- Spentera uses In-Depth Vulnerability Analysis techniques, analyzing all vulnerabilities discovered during the process of assessment.
- We will deliver the comprehensive report including the executive summary, technical summary, and technical detail of each findings. If it is asked, we will do a live demonstration about the findings that have been found.
Spentera penetration testing helps protect your organization against threat:
- By conducting security assessment, customer can quickly fix the known or unknown vulnerabilities.
- We produce accurate and high quality examination.
- Customer will get the results of comprehensive report including a detailed explanation of each vulnerabilities.
- Our service can be tailored to the client needs.
- We protect your company integrity and brands.
- By conducting security assessment, customer already take one step ahead to prevent loss to your business.
- Security assessment also raise the information security awareness.
- With the security assessment, customer can produce the best information security strategy to protect the company assets.
- It help to achieve and maintain compliance with federal and state regulations.
The rapid expansions in the Indonesia Information Technology sector has resulted in a corresponding increase in demand for information technology specialists in the national workforce, especially for specialists with technical skills in information/computer assurance and security. Many security tasks are not being adequately performed due to lack of personnel. The pervasive nature of the problem is evidenced by several recent reported security breaches.
Spentera Security Assessment service can meet the requirements of many standards and guidelines in relation to information security. Our team has working knowledge of the following standards and attempt to exceedingly meet their requirements.
Financial Services Authority of Indonesia (Otoritas Jasa Keuangan) No. 38/POJK.03/2016 – Implementation of Risk Management in The Use of Information Technology by Commercial Banks
The Financial Services Authority of Indonesia (Otoritas Jasa Keuangan) No. 38/POJK.03/2016 (replaced PBI no.9/15/PBI/2007) states that all banks under the auspices of Bank Indonesia shall perform risk management practices in their IT environment. The policy consists of several articles that determine how banks should monitor and manage IT risks related to building good governance in the banking sector.
PCI DSS Requirement 11.3: Regularly test security systems and processes
Payment Card Industry Data Security Standard (PCI DSS) states that all PCI DSS certified must develop and implement a methodology for penetration testing that includes external and internal penetration testing. This requirement also oblige all certified institution to perform penetration tests at least annually to verify the PCI DSS scope infrastructure are operational and effective.
ISO 27001: System acquisition, development and maintenance (A.14.2.8, A.14.2.9)
In the ISO 27001 controls, there are 3 sub-controls that require to be maintained and perform during regular compliance check;
A.14.2.8 – System security testing
A.14.2.9 – System acceptance test
A.18.2.3 – Technical compliance review
Spentera can perform penetration tests on network infrastructure and applications to test the security of information systems.
Application security services of Spentera provide a comprehensive approach to understanding the application exposure and focus on application security from development phase to production. We have a comprehensive suite of application security services to help you not only identify application flaws, but also cultivate a security savvy development environment. We provide tools and techniques to identify applications security flaws and expertise to provide strategic and tactical guidance to reduce overall risk.
Tremendous technology developments in the last years revolutionized the business, but also introduced new risks. Every application is vulnerable and no system is impenetrable. It is no longer enough to deploy products and merely hope that their security level is sufficient to protect against malicious attackers. It is also not good enough to implement or integrate security modules and assume the end product to be secure.
Who need this?
The Organization with mature IT security implementation over people, process and technology and want to test that implementation.
The Organization who has been conduct pentest on scheduled basis and want a different and deep testing approach.
The Organization who want to testing the preparedness of your incident respond team capability.