The inventory of networks (LAN), servers, and applications is compiled, and information security risk levels are determined. Information security risks are defined in three categories:

Level A: Critical applications, servers, active devices, and networks are assessed at this level. This is the highest level from an information security perspective.
Level B: Inventory sections related to normal business operations are assessed at this level. This is the medium level from an information security perspective.
Level C: All inventory entries that do not affect normal business operations are assessed at this level. This is the lowest level from an information security perspective.

The objective is to investigate new threats and security vulnerabilities, conduct cybersecurity intelligence, take measures against attacks, develop necessary precautions, and share them with relevant stakeholders.

It involves regularly conducting vulnerability scans on internet-accessible systems and services and supporting the tracking and fixing of identified vulnerabilities.

It involves regularly conducting vulnerability scans on systems and services within the intranet network and supporting the tracking and fixing of vulnerabilities identified as a result of these vulnerability scans.

The problems experienced in the business world, in addition to the crises that arise, cause damage to the reputation of institutions in the eyes of their customers, business partners, and shareholders, and even lead to market loss. It is certain that the work to be carried out in the name of information security losses or disaster recovery will always be more difficult and expensive than the measures to be taken to prevent information loss.

ESAM’s goal is to support the human factor, recognized as one of the three critical components of information security, in complying with security principles.

For more information about our information security awareness program and supporting software, ESAM (Employee Security Awareness Management), please click here.

The system, consisting of operating systems (Linux, Windows, Solaris, etc.), security devices (firewall, anti-spam gateway, etc.), and other infrastructure components, is examined from a security perspective. Any deficiencies identified are reported, and the necessary follow-up is provided to address the deficiencies identified at the end of the review process.

Penetration testing is conducted at regular intervals to identify current vulnerabilities and configuration deficiencies, and these vulnerabilities are tracked until they are resolved.

In any emergency situation, the aim is to prevent the escalation of the emergency, eliminate it, report it, etc., through the collaboration of all relevant/necessary experts, thereby providing SOME (Cyber Incident Response Team) services.

In the event of an ongoing cyber attack, in conjunction with customer information security management, high-level coordination support is provided to investigate the situation, intervene in information security, eliminate the threat, collect evidence, and make the necessary correct decisions in a timely manner for a possible legal process.

Other services are as follows:

IDS/IPS rule review
Industrial control systems (ICS) and SCADA controls
Review of IoT devices from a security perspective
Disaster recovery center (DRC) assessment
DRC drill planning and support
Information security awareness activities and measurements (Social engineering)
DLP Solution Support
Other additional topics will be determined through mutual discussion.