CYBERSECURITY
Analyze risks, prevent attacks and protect the integrity of your company’s data and those of your customers with TIVIT’s Cyber Security services.
8 of the 10 largest companies in Latin America rely on TIVIT as their technology partner to bring efficiency and innovation to their businesses.
Did you know that Brazil is the country most susceptible to data leakage?
According to the Ponemon Institute, the risk of an attack on a Brazilian company is 43%, far higher than in countries like Germany (14%) and Australia (17%).
15 billion
attempted cyberattacks in the first quarter of 2019.*
R$ 5,5 million
is the average cost that companies have for each attack.
52% of cases
of compromised data involve customer information, which could destroy a company’s reputation.
Why rely on TIVIT to make your business secure?
We work with the best tools, without exclusivity
We are not tied to any particular tools or software – TIVIT manages to operate and perform benchmarking, in order to identify the best solutions for each company.
End-to-end process
Full range of expertise to assist you in all security processes (from the identification of the threat to analyzing the problem and finally correcting the flaw), without needing to bring in third parties.
Methodology and best practices
Integrated security methodology for business continuity, adhering to processes certified under ISO 27001.
LABS
Solid investment in R&D (LABS) and continuous refreshers for our professionals, with TECHNOTIVIT.
Right now, is your business working proactively to foil attacks, or is it simply reactive?
Prevention is key to reducing costs and maintaining your company’s reputation.
Get in contact with our consultants and find out how the services of Cyber Security can mitigate the risks and vulnerabilities in your business.
MDR
Unified vision of IT security and real-time response to threats.
How do we do it?
We are working continuously, from prevention to management of the crisis.
SECURITY AND OPERATIONS (SOC) WHICH COORDINATES AND CENTRALIZES
– Managed Security Operations
– SIEM
PROACTIVE DETECTION AND CORRECTION OF VULNERABILITIES (INFRA AND APPS) THREAT VULNERABILITY MANAGEMENT (TVM)
– Infrastructure
– Applications
IDENTITY AND ACCESS MANAGEMENT
– Identity and Access Management (IAM)
– PAM
DATA PROTECTION AND INFRASTRUCTURE SECURITY
– Firewall
– EDR & AntiSpam
– Patch Management
CONTINUOUS, UNINTERRUPTED ADVANCED MONITORING OF CYBER ATTACKS
– Content Filter
– Web Proxy
CONTAINMENT AND RESPONSE TO SECURITY INCIDENTS
-Incident & Response
– IDPS
MANAGEMENT AND ADAPTATION OF DEVICES AND IMAGES TO SECURITY POLICIES
Threat Intell
Artificial intelligence working to keep your business secure.
How do we do it?
We deliver specialized services in predictive analysis, detection and handling of incidents in real time
FRAUD DISCOVERY
Systems working to detect and handle fraud.
BRAND ABUSE:
Brand misuse monitoring and mapping tools.
DATA LEAKAGE
Rules of business and tools for detecting and controlling data leakage..
SALES ABUSE
Mapping of commercial information and fraud in financial transactions.
APP SECURITY CYCLE
Analytical tools, test & validation processes, permeating the entire application development lifecycle.
Consulting
We take care of security so that the future of your business is in your own hands.
How do we do it?
We suggest the tools and implement and guarantee their use to their full potential.
CONSULTANCY TO MINIMIZE DAMAGE, WITH PREPARATION, RESPONSE AND POST-CRISIS REINFORCEMENT
– Crisis Management
– Infrastructure
– Applications
– Cloud
POST-CRISIS RECOVERY
– Expertise in Disaster Recovery
– Infrastructure
– Applications
– Cloud
COMPLIANCE
– Best Security Practices
– Hardening and Baseline of Operational Systems, Web Applications and Database
FORENSE
– Analysis of Security Incidents
– Cyber Expert Support
– Fraud Identification
– Indicator of Commitment
– Forensics in infrastructure, Mobile and IOT / OT
PENETRATION TESTING (PENTEST) USING TOOLS THAT VALIDATE THE EFFICACY OF DEFENSE MECHANISMS
– Internal, External and Cloud Infrastructure
– Mobile and Web Applications
– Wireless communications networks
– IOT / OT
DEVSECOPS
– Code review
– Dast
– Pentest
– Endpoint priviledge management for dev
Governance, Risk and Compliance – GRC
We take care of security so that the future of your business is in your own hands.
How do we do it?
We deliver specialized services that guarantee business conformity in the hybrid, digital world, as well as integrity of the infrastructure, applications, data and reputation of our customers.
MAINTENANCE OF PCI-DSS CERTIFICATION
– Gap analysis - shows current status with regard to the requirements of the standard for planning tasks and investment.
– Audit Premiere Support – specialized TIVIT professionals represent the customer in international certification processes.
DATABASE MANAGEMENT SUPPORT IN ACCORDANCE WITH THE GDPR
– Assessment - preparation and diagnosis of the organization to evaluate maturity and structuring of a project for privacy.
– Implementation - implementation of policies and preventive controls for the privacy and protection of personal data.
– Governance – establishing the incident monitoring and support processes to sustain a program of personal data protection.
OPERATIONS OBSERVING THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) FOR HEALTH COMPANIES IN THE AMERICAN TERRITORY
– Health Information Systems - technical support for the implementation of systems specifically developed for the area of health.
– Personal Health Record Protection - protection and control of personal health records (PHR).
– HIPAA Applied Security - implementation of specially designed security to comply with the requirements of North American regulations.
SECURITY ASSSESSMENT
– Quick Assessment – dynamic evaluation for quick gains and definition of priorities.
– 360 Assessment – complete evaluation of the environment, based on renowned methodology (CIS, ISO 27001, COBIT).
– Security Roadmap - Assistance in creating a complete roadmap for delivering the task.
SECURITY AWARENESS
– Testes de phishing.
– Gamified security training.
– Boot camp - in-house training on the recognition of cyber risk.