Shtein Solutions provides information security (IS) support services for organizations for which the IS topic is a priority.
Having experience in building a secure infrastructure, we try to apply it at our clients’ enterprises. Not just formal support and determination of security criteria, creation of work plans, implementation and configuration of security systems, but also the integral interaction of all teams influencing information security:
Continuous collaboration with technical experts in information security and the technical infrastructure department can eliminate errors in settings, debugging of security systems, and correct distribution of access rights. We help identify important events to monitor in SIEM and EDR systems. Maintenance also includes constant infrastructure checks, as well as scheduled checks of applications and internal systems. We help determine compensatory control for those processes where information security has not yet been properly built.
Information security support, on our part, means keeping abreast of all events and finding the correct and safe solutions for the organizations we serve.
As part of the support service, we try, based on inspections, to prepare an up-to-date risk map with recommendations and suggestions on what to solve, in what order and how.
CISO-as-a-Service
Privacy protection, GDPR and more
Examination of cloud and applications
Risk surveys and security audits
Cyber-technological support
Our company provides the following services:
Primary technological and basic checks in the field of information security. Inspection of the network architecture, security systems, access rights. Construction of a risk map.
More DetailsThis test identifies existing vulnerabilities in the infrastructure in order to formulate recommendations for their elimination.
Testing using social engineering methods. The purpose of the test is to identify the staff’s level cyber security threat awareness.
Lectures and trainings on staff awareness of information security threats, as well as trainings on secure development for programmers.
Checking the security of the company according to the protocol. The purpose of the audit is to show in which areas of information security there are shortcomings and how to correct them.
More DetailsWhen a cyber incident occurs, it is important to understand exactly what happened and how, and to address the causes and gaps in the firm's information security.
More DetailsThe email attack simulation tests the effectiveness of email security tools such as email gateways, antiviruses, sandboxes and others.
More DetailsWe will identify weaknesses in mobile and web applications, in remote service systems and develop recommendations for eliminating detected vulnerabilities.
More DetailsWe will identify problems in protecting user computers for running malicious applications and monitoring the
system.
Since 2010, we have done a lot of work. This includes penetration tests and security audits, risk management, incident investigations, as well as consultations and solution design.