Security Assessment

• Architecture SWOT analysis (L1 -> L7).

• Vulnerability.

• Policy Status.

• Physical Exam.

• Deliverables.

Example: Vodafone, Siemens, German Federal Bank.

Threat & Risk Management

• Risk Measurement (protection against what / who?).

• Security Planning.

• Security Policy Development.

• Deliverables.

Security design according to BSI and ISO

• Vendor independent designs

• Best of breed approach

• Ready for certifications (BSI and ISO for example)

• Multi-vendor system management & log file correlation

Design of “Security Operation Center”

• Analysis of customer needs

• Agree on the Deliverables

• Designing a custom SoC

• Setting up workflows & control

• Training customer stuff

• Audit staff work regularly

• Product independent solution

Security Product Development for Carrier / ISP

• Gather service needs

• Propose solution draft to the product management

• Definition of the deliverables / specs

• Final design proposal

• Implementation services