AKS IT Services was established in 2006 and provides information security services including consultancy, compliance, network security, application security, cyber forensics, and IT security training. They have qualified consultants and have conducted over 1250 web application security audits. Their services include security consulting, auditing, compliance, forensics, and training. They work with organizations across industries to assess vulnerabilities, perform testing and audits, investigate cyber crimes and security incidents, and provide security awareness training.
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Leading InfoSec Firm Providing Consulting, Auditing, Forensics & Training
1.
2. Established in 2006
Providing services in the domain of Information Security, comprising of
• Consultancy,
• Compliance,
• Network Security,
• Application Security,
• Cyber Forensics and
• IT Security Training.
Qualified, Certified Consultants
Six years, more than 1250 Web Application Security Audits
AKS IT Services
4. • Consulting and Compliance
– Security Consulting & Implementation
– Information Risk Management
– ISO 27001 :2005 Implementation
– ISO-22301 Implementation
– Incident Handling
– Compliance With Various Guidelines
• Security Auditing
– Network Security Audit
– Vulnerability Assessment & Penetration Testing and
– Web Application Audit
– Mobile Application Audit
How We Help Our Clients
5. • Cyber Forensics
– Media Forensics
– Network Forensics
– Machine / Mobile Forensics
– Cyber Crime Investigation
– Fraud Investigation
• Corporate Training
– Security Awareness Training
– Cyber Forensics Training
– BCP/DR Workshop
– Preparatory courses for CISSP & CISA Certification
How We Help Our Clients
6. Indian Computer
Emergency
Response Team
(CERT-In)
Controller of
Certifying
Authorities
(CCA)
Indian Air Force
National
Technical
Research
Organization
National
Informatics
Centre
Indian Army
A few of the organizations we are empanelled with:
7. Vulnerability Assessment & Penetration
testing
Vulnerability Assessment
Identify and understand the existing vulnerabilities
Scan the targeted network(s) and host(s), based on the defined scan
policy
Collect the scan results and analyze for security loopholes,
configuration errors, default installation settings, overlooked setups,
password quality, firmware/software revisions, patch fixes, security
policy violations etc.
Penetration Testing
Testing and validation of detected vulnerabilities
Provides independent analysis of your network to locate all exploitable
vulnerabilities
Advise on the most effective solutions to secure network
8. Configuration Audit
Study and analyze the Servers, Network Devices and Security
Device’s roles and configuration through configuration audit.
Understand and evaluate the loopholes in the configuration, if
any.
Facilitate in hardening of information systems.
Network Performance Testing
Evaluate the Bottlenecks, Protocol Utilisation, Broadcasting
and Network Error in the network, identify their remedial
solutions and recommend implementation of the same to
mitigate identified errors.
Recommendations for Error free Network design.
Top Ten Interfaces showing more bandwidth and protocol
utilisation.
9. GAP Analysis
Our processes and methodology are benchmarked against industry
best practices and established standards. In this phase, a thorough
security assessment will be carried out with two goals in mind:
Identifying the present “As – Is” status vis –a – vis the desired
benchmark, and their impact on Information Security.
The ambit of this includes:-
Administrative Security
Physical Security
Logical Security
Processing Security
Business Continuity Management (BCM)
Identify gaps in the existing controls
10. Web Application Security Testing
The Standard used for Web Application Security Testing is
OWASP (Open Web Application Security Project). The OWASP
2010 represents a broad consensus about what are the most
critical application security flaws.
OWASP 2010
1. Injection Flaws
2. Cross Site Scripting (XSS)
3. Broken Authentication and Session
Management
4. Insecure Direct Object Reference
5. Cross Site Request Forgery
6. Security Misconfiguration
7. Insecure Cryptographic Storage
8. Failure to Restrict URL Access
9. Insufficient Transport layer
protection
10. Invalidate Redirect and Forwards
12. Core Impact – The most comprehensive penetration testing solution
for assessing and testing critical security vulnerabilities throughout the
organization.
Immunity Canvas – Canvas is a trusted security assessment tool that
allows penetration testing and hostile attack simulations to be
conducted by security professionals. Canvas offers a level of exploit
quality, availability, and real-world use unparalleled by any
competitors.
Metasploit – It is a solution for security professionals in enterprise,
government & consulting firms who need to reduce costs by making
network security testing more effective & efficient. Metasploit Pro
improves the efficiency of the penetration testers by providing
unrestricted remote network access and enabling teams to efficiently
collaborate
Our Range of Products
13. Nexpose - It is a vulnerability assessment, policy compliance and
remediation management solution designed for organizations with
large networks which require the highest levels of scalability,
performance, customizability and deployment flexibility.
Nessus - It is the industry’s most widely-deployed vulnerability and
configuration assessment product. Nessus features are high-speed
discovery, configuration auditing, asset profiling, sensitive data
discovery, patch management integration, and vulnerability analysis of
your security posture.
Acunetix - Acunetix web vulnerability scanner is a tool designed to
discover security holes in your web applications that an attacker
would likely abuse to gain illicit access to your systems and data. The
application can be used to perform scanning for web and application
vulnerabilities and to perform penetration testing against the
identified issues.
14. Mobile Forensics
Oxygen Forensic Suite – It is mobile forensic software that goes beyond
standard logical analysis of cell phones, smartphones and tablets. Use of
advanced proprietary protocols and phone APIs makes it possible to pull
much more data than can be extracted by forensic tools utilizing standard
logical protocols, especially for smartphones.
Susteen Secure View 3 - It provides affluent data to the mobile phone
forensic investigator or instructor with the foundation for law
enforcement, military/civil, consultant, corporate, and education
institutions to perform advanced, proficient mobile device investigations in
corporate IT, security, or criminal situations.
Paraben’s Device Seizure - Device Seizure is designed to allow
investigators to acquire the data contained on cell/mobile
phones, smartphones, tablets, GPS, iPhones/iPads/iPod Touch/iPods, and
PDA devices without affecting data integrity. With mobile phones, it is
designed to retrieve data such as phone numbers, sms, pictures, call
history, and full data dumps.
Forensic Products
15. Computer Forensic
TD2 - This second-generation product was engineered for standalone
forensic acquisitions in both field and lab settings, natively imaging
both SATA and IDE/PATA hard drives at drive limited speeds up to
9GB/min, in a 1:1 or a 1:2 (aka, “twinning”) configuration. One can
image SAS, and USB storage devices with TD2 by using the Tableau
Protocol Modules.
Encase - It is a investigation solution, is for forensic practitioners who
need to conduct efficient, forensically sound data collection and
investigations using a repeatable and defensible process
P2 Commander - It is a computer forensic solution for examiners who
need affordable, reliable digital analysis for computer investigations.
Built to process large volumes of data in a fast and efficient manner, P2
Commander is known for its advanced email and chat log analysis.
Continue…
16. Network E-mail Examiner – Paraben’s Network E-mail Examiner is an
advanced network email archive analysis and conversion tool. Examine
Microsoft Exchange (EDB), Lotus Notes (NSF), and GroupWise e-mail
stores without the need for a long and painstaking restore process.
Analyze, search, and report on pertinent data within the email
database and export to many mail formats including PST.
Chat & Email Examiner – Paraben’s Chat Examiner is another
specialized component of Paraben's P2 Forensic Collection that adds
one more powerful program to your toolkit. Whether your case has
ICQ, Yahoo, MSN, Trillian, Skype, Hello, or Miranda you'll be able to
handle whatever comes
Passware Kit Forensic - This advanced password recovery suite
allows you to recover more passwords, from more programs, in a
shorter amount of time using many different methods including the
advanced XieveTM attack method, distributed computing, and live
memory acquisition.
17. AKS IT provides the customized forensic workstation as per the
requirements of our customer. It can be of 2 types -
One can set up forensic workstation in their lab itself .
Another one is a forensic laptop which we can carry to the crime spot
for acquisition and analysis of data. It comes in a rugged carrying case.
Forensic Workstation
18. ALSTOM,
Andhra Pradesh Technology Services Ltd (APTS),
Bharti Airtel,
Central Board of Secondary Education (CBSE),
Ericsson,
General Insurance Corporation,
HCL,
Indian Railways,
National Informatics Centre (NIC),
NTPC,
Ranbaxy,
TCS,
WIPRO.. and many more
Some of our Clients