Service details : 

• Cyber Security Consulting and Training is to enhance the security of the organization in terms of personnel, processes and technology to have effective management and international security with corporate customers, both public and private sector.
  • Security Policy Consult service in accordance with legal requirements (such as the Cybersecurity Act B.E.2562 (2019)) and organizational objectives (e.g. business necessity for ISO/IEC 27001 or to make the organization operation more secure and efficient.
  • Security Architecture Design service is infrastructure and network security consulting service which covers
    • Physical Security: Physical security and device placement environment.
    • Network Security : Device and information zoning is to be secured. 

    By considering factors such as:

    • The role of personnel and the need for resources, contractors and customers (Role/Responsibility and Need-to-know) and the need for Separation of duties.

    • Access Control, Authentication, Authorization, Accounting and selection of suitable Cryptography.

     

  • Security Assessment service:  Technical Vulnerability Assessment of technology system, both at Operating System, Network equipment, Application and Source Code, in order to analyze the vulnerability and potential impacts on business operations. The Audit service comes in many forms as follows:

    • Vulnerability Assessment : VA
       Vulnerability Assessment arising from public source such as CVE (Common Vulnerabilities and Exposures). There are several types of assessments, such as Operating System, Network System and Web Application.

    • Penetration Test : PT
       Risk assessment with penetration testing to identify system vulnerabilities by using experts and conducting demonstrations to show the effect of the vulnerability. In addition, the system must be approved by the owner, which may lead to the risk of system damage.

    • Source Code Audit
       Source Code Security Audit is to ensure that information systems are safe from Various types of threats. It can be done from the development stage prior to deployment which will be more effective results than the actual test.

    • Cyber Security Analysis
       Investigating security breaches for trace of intruders or attackers as well as providing recommendations for remediation and preventing future recurrence.

  • Security Training service organize training, seminar providing knowledge to enhance awareness skills in security and giving a certificate for training in cyber security.