enterprise portfolio and solutions

SOC Enablement leveraging Cipher-xSIEM, a resilient Cloud based enterprise distributed AI neural network (CNN) architected as a secure microservice containerised ecosystem, bonding AI self evolving data driven decisions into the DNA of Security Information and Event Management (SEIM) 

    Security Analytics, Threat Detection, Incident response via Cipher-xAI artificial intelligence 

    User & Entity Behavior Analytics (UEBA) using Cipher-xUEBA

    Cloud and Hybrid Security (IDAM, Federation, SSO, OAUTH)

    Continuous Adaptive Security, Automation & Orchestration

    TLM, Monitoring, Log Integration and Case Management 

    Network Traffic & Behavior Analytics underpinned by Cipher-xNET

    Digital, Network and Hardware Forensics

    Integration Security

    File Integrity Monitoring using Cipher-xMON

    Email Security, Ciphers, Encryption and SBL's

    Vulnerability Assessments inc zero day    

    Penetration Testing (white and black box)

    Neutralisation and Recovery Actions

The NIST Cybersecurity Framework (NIST CSF) provides a policy framework of computer security guidance  for how private sector organizations in the United States can assess  and improve their ability to prevent, detect, and respond to cyber  attacks. We offer regulatory solutions that assist with compliance, talk to us today.

General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the  European Union and the European Economic Area. It also addresses the  export of personal data outside the EU and EEA areas. The Data Protection Act 2018 is an update to the original 1998 act.  We offer data protection solutions that can assist your business to be compliant with this legislation. 

SEIM supports computer security, security information and event management software products and services combine security information management and security event management to provide real-time analysis of security alerts generated by applications and network hardware. Our xSEIM software offering is the best in the business. 

Center for Internet Security (CIS) has developed the top 20 Critical  Security Controls (CSC) to help IT professionals protect their environment against both external and internal attacks. Our security risk assessment can highlight areas that your business may need to concentrate on.  

RFC 2196 is memorandum published by Internet Engineering Task Force for developing security policies and procedures for information systems connected on the Internet. It contains a general and broad overview of information security including  network security, incident response, or security policies. 

PCI DSS  is the Payment Card Industry Data Security Standard, an information security standard to handle branded credit cards from the major card  schemes. 

DoDI 8500.2  implements policy, assigns responsibilities, and prescribes procedures for applying integrated, layered protection of DoD information systems. 

IEC-62443 cybersecurity standards are multi-industry standards listing cybersecurity protection methods and techniques published by the International Electrotechnical Commission(IEC). 

ISO/IEC 27001 is an information security standard, part of the ISO/IEC 27000 family of  standards, of which the last version was published in 2013, with a few minor updates since then. It specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization.

The Cloud Security Alliance (CSA) is dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, and operate a cloud security provider certification program, the CSA Security, Trust & Assurance Registry (STAR), a three-tiered provider assurance program of self-assessment, 3rd-party audit and continuous monitoring. 

In 2009, CSA released the Security Guidance for Critical Areas of Focus In Cloud Computing, providing a practical, actionable road map for adoption of the cloud paradigm safely and securely. The following year, CSA launched the industry’s first cloud security user certification, the Certificate of Cloud Security Knowledge (CCSK), a benchmark for professional competency in cloud computing security, along with the Cloud Controls Matrix (CCM), the world’s only meta-framework of cloud-specific security controls mapped to leading standards, best practices and regulations. 

The UK Government G-Cloud is a cloud computing certification for services used by government entities in the United Kingdom. The G-Cloud consists of: 

• A series of framework agreements with suppliers, from which public sector      organisations can buy services without needing to run a full tender or competition procurement process
• An online store aka the "Digital Marketplace" that allows public sector bodies to search for services that are covered by the G-Cloud frameworks

COBIT is a framework created by ISACA for information technology (IT) management and IT governance, which defines a set of generic processes for the management of IT, with each process defined together with process inputs and outputs, key process-activities, process objectives, performance measures and an elementary maturity model. Security is a key element of this.

The Information Systems Security Association (ISSA) is a  not-for-profit, international organization of information security  professionals and practitioners. It provides educational forums,  publications, and peer interaction opportunities that enhance the  knowledge, skill, and professional growth of its members. 

Cipherlock can provide solutions to all of your compliance business needs, contact us today.