On Demand Penetration Testing Application/Network/Compliance Reporting ( ISO 27001/HIPAA/SOX/ PCI)

1. On Demand Security Testing Overview www.ivizsecurity.com An IDG Ventures Company

2. iViZ Industry’s First On Demand Penetration Testing Company

3. Industry’s First On Demand Penetration Testing Solution Subscription based security testing solution for applications, networks & compliance provides demand, comprehensive and cost-effective coverage IDG Ventures Funded A top tier venture firm with over $4 Bil. investment whose portfolio include Netscape and MySpace Research Recognitions Strong vulnerability research team credited with vulnerability discovery in products of Microsoft, Intel, McAfee, IBM, AVG etc., Technology Recognitions Globally recognitions from US Dept. of Homeland Security, Intel, World Economic Forum, Red Herring, London Business School etc., Strong Customer Adoption Large enterprises across various industry domains like Media, Web, E-Commerce, Banking, Telecom, Government, Technology and others About iViZ

4. Security Challenges Businesses Face

6. Threat Landscape Is Increasing! 8000 new vulnerabilities will be discovered this year Even Secure Organizations Are Not Safe! Threat Landscape Is Increasing!

7. Multi-Stage Attacks Are Harder To Detect Attacks Are Getting Complex Critical Server Non-Critical Server

8. The Solution

9. Proactive Regular Security Testing Penetration Testing Ensures You Are Safe Regular proactive Penetration Testing is needed to augment defensive security monitoring measures such as firewalls, IDS, IPS etc., especially in light of the rising level of targeted attacks

10. iViZ On Demand Penetration Testing Applications | Networks | Compliance Comprehensive | Cost-Effective | On Demand

11. iViZ Solution On Demand Application Penetration Testing On Demand Network Penetration Testing On Demand Compliance Reporting Covers compliance like PCI, SOX, ISO-27001, HIPAA & more SOX/HIPAA compliant penetration testing ISO-27001 compliant quarterly penetration testing Multi-Stage Attack Simulation to detect attacks missed in traditional testing Covers all 26 classes of WASC application vulnerabilities & OWASP Top 10 Business logic verification Covers all CVE / NVDB / SANS Top 20 vulnerabilities as well as data leakage detection Specialized Testing For Web 2.0 Technologies (AJAX, JavaScript, Flash, ActiveX etc.,) Automated Exploitation And False Positives Elimination PCI-DSS Scanning including compliance templates & auto fill-in from test results Expert analysis along with automated exploitation Expert analysis along with automated scanning

12. Solution Highlight Unique Multi-Stage Attack Simulation Technology detects all attack paths missed in traditional approach

13. iViZ Remote Security Operation Center Customer Network On-Demand Portal Internet Secure iViZ Scan Cluster Industry’s First Subscription Based On-Demand Solution Works over the Internet – Anytime - Anywhere Solution Highlight 1 2 3 SCHEDULE TEST FROM ONLINE PORTAL VIEW REPORTS ONLINE OR BY ENCRYPTED EMAIL TEST CONDUCTED AUTOMATICALLY OVER THE INTERNET 1 2 3

14. Hybrid Testing : Automated Scanning With Expert Analysis Provides Superior Security Coverage Solution Highlight Superior Coverage

16. On-Demand Portal Screenshots

17. Top 2 in Asia / Top 6 in World Top 100 in Asia Top 8 in World Top 4 Emerging Company Innovative Company Finalist Top 10 Hottest Startups Top 2 in India Global Technology Recognitions 2007 2008 2006 2009 2008 2006

18. Hard Disk Encryption BIOS Antivirus iViZ Research Recognitions iViZ Vulnerability Research has discovered security vulnerabilities in the following products F-Prot version 4.6.8, Sophos SAVScan 4.33.0, AVG for Linux version 7.5.51, Avast for Workstations v1.0.8, Bitdefender for GNU/Linux version 7.60825, ClamAV 0.93.3 Microsoft Bitlocker/Vista (SP0), SafeBoot Device Encryption v4, Build 4750 and below Hewlett-Packard 68DTT Ver. F.0D, Intel Corp PE94510M.86A.0050.2007.0710.1559, Lenovo 7CETB5WW v2.05 iViZ Follows Responsible Disclosure Policy: 1) Private vendor disclosure 2) Vendor coordinated public disclosure 3) No public proof of concept

19. Media/Online Telecom / Mobile Financial Services Government Technology Others Customers Across Broad Industries

20. Thanks www.ivizsecurity.com [email_address]