Disaster Recovery Service

Our consulting services, are helping Rediff India to securely serve their websites to their 95 Million Users.

To get more information on Security Brigade's Professional Services, Contact Us.

Introduction

A Disaster Recovery Plan is executed immediately after the disaster occurs and details what steps are to be taken in order to recover critical information technology infrastructure. It is a subset of BCP (Business Continuity Plan) but focuses on taking necessary steps to resume normal business as quickly as possible

Security Brigade's Information Technology Disaster Recovery (DR) Plan provides a structured approach for responding to unplanned incidents that threaten an IT infrastructure, which includes hardware, software and networks.

  • Compliance with International and Industry (ISO 27001, PCI-DSS, RBI, NSE, OSSTMM, CERT-In) regulations.
  • Comprehensive Review of existing security policies, procedures, controls and practices.
  • Customer Specific reports with clearly outlined responsibilities and detailed remediation steps including device specific commands/patches and source-code examples.
  • Experience of tens of thousands of hours of security assessments, implementation, design, development.
  • Superior Level of confidentiality, integrity and availability of organizational information in-order to facilitate maintenance of competitive edge, cash-flow, profitability and corporate reputation.
Some of Our Unique Value Propositions
Experience
Consultants are certified with industry recognized IS Certifications (eg: eCPPT, SANS, CISSP).		 Free Re-Testing
Ensures vulnerabilities are completely closed.
Customized Reports
Designed to help developers understand issues for the long-term.		 Hybrid Approach
Unique combination of manual and proprietary automated processes.
Identifying the "True Impact"
Get a real-world perspective on your threat assessment.		 Enhanced Remediation
Solutions specific to your operational and development environments.

Approach

At Security Brigade, all engagements are carried out by experienced consultants that utilize a combination of in-house developed, commercial and open-source tools to deliver maximum value. Our methodology is aligned to industry best-practices and aim to not just meet, but go well beyond regulatory and compliance requirements.

Our Approach

Our Disaster Recovery Service methodology is an in-depth process that has been built through experience and thorough understanding of customer requirements.

[+] Read More

  • Pre-Assessment Analysis
  • Detailed Requirement Analysis
  • Policy and Procedure Gap Analysis
  • Threat Profiling & Risk Identification
  • Action Plan Development
  • Application Architecture Review
  • Policy, Checklist, Documentation Development
  • Technology Implementation
  • Business Impact Analysis
  • Project Completion Audit
  • Report Generation
  • Support

Technical Experience

Security Brigade has had the privilege of working with a large number of customers with varied operational environments. As a result, our consultants have broad technical experience and some of the environments we have worked with are listed below.

[+] Read More

Operating Systems: Windows Server 2000, 2003, 2008, Redhat Linux, Sun Solaris, HP-UX, IBM AIX, Open VMS, Novell Netware, Open Enterprise Server, Suse Linux, IBM OS/2, Win NT, SCO Unix, SCO OpenServer, IRIX, FreeBSD, OpenBSD, NetBSD, OpenSolaris.
Firewalls: Cisco PIX/ASA, Checkpoint, Netscreen, Watchguard, Sonicwall, Fortigate, Web Application Firewalls.
Intrusion Detection Systems: ISS RealSecure, Cisco Secure, Dragon IDS, Fortinet, Snort, Sourcefire, Checkpoint RealSecure.
Network Devices: Routers, Firewalls, Switches, IDS/IPS, Load Balancers, Layer 7 Switches.
Wireless Devices: Wireless Access Points, Wireless Routers, Wireless Bridges, Wireless Switches and Controllers, Wireless IPS, Wireless Client Devices.
Others: Microsoft Sharepoint, SAP, Active Directory, ISA Proxy, Squid Proxy.
Mobile Devices: PDAs, Blackberies, Notebook Computers, Netbooks, Pocket PCs, Smart Phones, Tablet PCs, Microsoft Mobile Servers, Blackberry BES/MDS Servers.


In-House Tools for Disaster Recovery Service

One of our core strengths has been our ability to adapt to challenging customer environments and requirements. We have been able to consistently meet these challenges through a strong process of research and development. Some of the many tools we have developed over the years are given below.

[+] Read More

sdFinder - Identifies internal hosts on non-contiguous IP ranges. It allows us to detect sensitive information about our clients commercial, intranet and extranet networks.
webDiscovery - Identifies as many applications as possible on Client web-servers. The applications discovered through webDiscovery allow us to provide a superior web application security testing service than competitive services and products. It allows us to increase the scope of the audit and cover more areas that could be attacked by malicious users; that would not be covered by a traditional audit.
networkMapper - Network Mapper uses proprietary technology to be able to identify alternative network routes to bypass security mechanisms such as IDS/IPS/Firewall etc. It allows our experts to bypass existing security implementations and gain direct access to the systems behind them.
webTester - Utilizes our Benchmark Development System to ensure that we can identify maximum vulnerabilities in applications through automated mechanisms. Along with flaws that are known, it uses in-house research to test for vulnerabilities that are not in the public domain. It allows us to automate the process of identifying and testing known and unknown vulnerabilities in web-applications and strike a cost-effective time to effort ratio.
VA Framework - Integrated solution developed by our security experts that have an expertise in the vulnerability assessment domain. It allows us to integrate the manual and automated testing processes with commercial and open-source software. Our Integrated Reporting Engine allows us to cross-reference information from all the different components and generate a report based on our Client's requirements.
PT Framework - Integrated solution developed by our security experts that have an expertise in the penetration testing domain. It allows us to integrate the manual and automated testing processes with commercial and open-source software. Our Integrated Reporting Engine allows us to cross-reference information from all the different components and generate a report based on our Client's requirements.
webSpider - Uses advanced HTML, Java Script, Ajax, Flash and XML parsing engines to identify and map as much of the client applications as possible. This not only assists our automated webTester engine, but also assists in carrying out the manual testing process in an efficient manner. It allows us to attain a cost-effective balance between thorough testing and time required.
sapScan - Security and Configuration Assistant for SAP Security Audits.
riskReview - General Risk Assessment Tool.
erpInterrogate - ERP Security and Configuration Assessment and Control Tool.
Windows Batch Scripts - Windows batch scripts to automate routine server hardening functions and processes.
Linux Bash Scripts - Linux Bash scripts to automate routine server hardening functions and processes.
Oracle Security Assessment Scripts - Oracle Security Assessment Scripts to automate routine hardening functions and processes.
MSSQL Security Assessment Scripts - MSSQL Security Assessment Scripts to automate routine hardening functions and processes.
Internal Vulnerability Database - Automated vulnerability database that is updated every 15 minutes from over 100 public and 20 private feeds.
SQL Explorer: identifies vulnerabilities in and retrieves data from MSSQL, MySQL, Oracle, PostgreSQL, MS Access etc database servers.

Case-Studies

Disaster Recovery Solutions for a Manufacturing Company


Security Brigade implemented Disaster Recovery Solutions for a Manufacturing Company. This case study highlights the techniques and processes implemented to meet the Client's key business goals while ensuring that their business would fail-over without a hitch in the case of a disaster.

Download PDF

Disaster Recovery Solutions for a Financial Services Firm


Security Brigade implemented Disaster Recovery Solutions for a Financial Services Firm. This case study highlights the techniques and processes implemented to meet the Client's key business goals while ensuring that their business would fail-over without a hitch in the case of a disaster.

Download PDF

Disaster Recovery Solutions for a Chemical Company


Security Brigade audited the Disaster Recovery Plan for a Chemical Company. This case study highlights the techniques and processes implemented to meet the Client's key business goals while ensuring that all the problem areas and weaklinks in their DR Plan were identified and rectified.

Download PDF

Deliverables

Security Brigade's reporting process is industry-unique and aims to deliver maximum value to your organization and the administrations / developers directly interacting with the security audit. Each report is customer-specific and contains detailed information, proof of concepts, source code examples and configuration details with the aim of educating your IT teams for the long-term. The following are some of the deliverables you will receive on completion of a Disaster Recovery Service.

Executive Summary


Provides a holistic overview of the entire process implemented to help the organization meet its compliance targets. In-addition, it highlights the best practice recommendations and action-items to sustain the same for the future.

Download PDF

Technical Report


Provides a detailed report of the gaps identified in the organizations process and policies along with the recommendations, action items and best-practices implemented to help the organization meet its compliance requirements.

Download PDF

Action Items Tracker


Simple and comprehensive action item tracker aimed at helping management keep track of the recommendations, milestones and goals set to achieve their compliance requirements.

Download PDF

Best Practice Recommendations Report


Provides a series of best-practice recommendations based on the organizations current compliance and security posture focusing on taking the same to the next level.

Download PDF

Request a Call

Telephone: +91-022-23532909 | Contact Us | Twitter | Linked In
Security Consulting | Penetration Testing | Web Application Security | CERT-IN Empanelled | Privacy Policy
Copyright © 2007-2013 by Security Brigade InfoSec Pvt. Ltd. All rights reserved.