Our experts have international certification and have accumulated decades of experience in information security, and undergo relevant periodic training and instruction all the time. We have unlimited access to updates and knowledge due to our professional collaborations with global hardware and software vendors, such as F5, Palo Alto, RSA, Cisco, Juniper, Check Point, McAfee, Fortinet, Portnox and others. In addition, we serve as early adopters for trailblazing Israeli start-ups in cyber and information security, affording our clients the opportunity to access the very latest products in the field.
Our expertise in security for cyber worlds includes advanced network security solutions. This solution is composed of systems integrated in a diverse range of web environments, and designed to monitor web traffic and to enforce the organization's information security policy, such as Next Generation Firewall, IPS, Security Web Gateway, encryptors, etc.
Our infrastructure solutions also include supplementary information security systems for various content worlds, such as SIEM/ Log Analysis, which analyze out-of-band data and send alerts to system administrators when a deviation or risk is detected.
In addition, we provide advanced system security, including security for databases and for a diverse range of virtual platforms.
In the area of information security, Taldor offers clients three main Professional Services platforms:
Operational information security survey: an operational and practical review conducted by Taldor GlassHouse IT experts, which examines all the aspects of information security in the organization, from the end-user stations and mobile devices to complex data center systems.
The survey includes a review of the network security infrastructure, data security systems, user identification & authentication systems, VoIP environments, user environments, and hardening policy.
At the end of the survey, a focused operational report is produced setting out the conclusions and recommendations, enabling the organization's IT managers to address the security issues raised, independently, or with the assistance of Taldor's Professional Services Department.
Information security training: practical workshops for the organization's employees, clearly and effectively demonstrating the dangers and threats that exist on the Internet, and providing the knowledge and capabilities to deal with them. The workshops are built around awareness of the importance of the human factor in information security and in order to augment the information security technologies implemented.
The training addresses topics such as the important role of organization's employees in information security, and presents case studies and responses, common methods of deception, technological and human weaknesses, and tools for coping. The aim of the workshops is to make employees aware of their impact on information security in the organization, and to give them the tools for dealing with current information security challenges.
Operational database security survey: adapting databases to existing information security challenges is undertaken by Taldor's Glasshouse expert DBAs, who also oversee integration and management of the SQL servers in the organization from an information security perspective.
The survey includes monitoring and overseeing the level of security in the organization's database servers, reviewing SQL systems and identifying weaknesses, as well as examining possible integration of dedicated security systems in the client's environment. At the end of the survey, an operational report is produced specifying the problem issues and providing recommendations for improvements
Visibility & Forensics
Taldor implements and integrates unified security platforms to monitor information security incidents, investigate incidents, and check compliance with the standards. Visibility & Forensics systems are used to investigate information security incidents via a whole array of application tools, which include the specific payload of all the information monitored. The array of applications used in such systems includes reports and alerts, investigation, malware analytics, and advanced search and correlation. These systems can also be used to index metadata in the network traffic.
Eye of the Enemy
A service that describes how the organization appears in the eyes of the enemy.
The service includes:
• Collecting data on a regular basis
• Issuing alerts in the event of exposure and new data.
A team of experts to provide an immediate response to cyber incidents
Availability and commitment to a response within 3 hours
Collection of data from the organization's infrastructure and correlation with cyber intelligence to find live incidents in the organization
The service is provided in two configurations:
1. Data collection without the client
2. Data collection including the client
A firewall to protect sites and web-based applications from hackers and from the malicious actions of automatic bots
The services include:
• Conducting status surveys of the existing WAF solutions and presenting a plan for enhancing app security to the highest level
• Providing routine consulting services and activities towards WAF solutions in the organization, either temporary or permanent, based on the methods recommended by Taldor
• Preparing WAF solutions for compliance with the standards (PCI, etc.)
• Producing progress and periodic reports for clients
• WAF updates based on the outputs of penetration tests, scanning applications or reports of the client's cyber systems.
• Handling of Internet incidents associated with web applications protected by a WAF solution, including incident reports, recommendations, and implementation based on the client's approval.
• Working proactively with the client on cyber threats and new malware, including adapting of the WAF to meet these threats
The keys help secure your information:
Data storage. For example: encryption of databases on smart phones
Data transfer. For example: encryption of the medium or defining of a VPN
Data consumption. For example: authentication and access to the cloud
• The system enables us to examine the organization's security assumptions, to identify possible security gaps, and to apply the insights, in order to improve the stability of the organization's information.
• The system works by simulating a vector attack (a different vector attack on each occasion) that includes known internal and external attacks.
• The results are presented to the organization in reports that reflect the state of the organization's information security, according to the type of simulated attack.
• Running simulated attacks from anywhere.
• Obtaining a comprehensive security assessment of the most sophisticated attacks by known vectors.
• Simulations on demand shorten the test cycles and speed up the time to implementation of a fix.
• Easy and immediate deployment of the solution.