Strategic and tactical security services focused on the applications supporting critical business processes such as mobile , web based. Includes technical assessments, secure development life cycle reviews and program management consulting.

Strategic Objectives

► Opt for comprehensive cybersecurity risk assessment program

► Develop comprehensive web security, governance structures and policies

► Expand cyber security education to build the workforce

► Foster information sharing and collaboration both internaly and externally

Our Proposition – Overall Approach for Security Services

Risk Based Approach – Information is exposed to risks/ threats during generation, transmission and storage. These risks pertain to disclosure, alteration and loss of information accidentally or due to malicious intent.  It is therefore essential that information is secured during all stages of its lifecycle.

The MSG Application Testing  and Onion Skin Methodology use a structured risk-based approach to carry out security services. The approach involves the following steps:

Risk Identification

  • Risk identification is a structured attempt at identification of risk that will enable the organization to achieve a comprehensive level of risk awareness in terms of threats, vulnerabilities.

Risk Assessment

  • Risk assessment aims at identifying the risks in terms of potential business impact.

Risk Management

  • Risk management involves managing the exposure to an acceptable level by implementing appropriate controls based on the business benefits to be derived from the control.

Application Security Testing

In this level, external non-intrusive vulnerability Assessment will be carried out to gather relevant details through information available in the public domain. Information will be sought from the Internet and other sources about client’s applications, internet-facing services, connectivity and system configuration, network infrastructure, user management, access policies, etc.

Web application security assessment would comprise of the below mentioned key vulnerabilities/tests aligned to OWASP Top 10 model.