logo-gif icsc-logo
Our Mission

The ICSC Company’s core specialization is cyber-security.

Our services include, but are not limited to it, a security audit, penetration testing, building of fully secured IT environment, providing on-demand data and business protection, and etc.

Be it a bank, e-commerce platform, telecom operator, software development facility or other enterprises, ICSC helps to discover and eliminate any hidden vulnerabilities in corporate networks and websites.

Our top-level consultants will provide you with comprehensive implementation plans to improve your critical service protection, helping your company to focus on its primary business while keeping the data safe and secure.

image
ICSC provides:
  • Developing the Security Operation Centers
  • Black-, gray-, and white-box penetration testing
  • Managed Detection and Response Services
  • Forensic Analysis...
Our certificates
Services
Security Operation Centers

Often cyber attacks remain unrecognized and companies reveal the data leakage only after their business had lost the private data. As globalization speeds up the business worldwide, more and more companies risk of being targeted by individual hackers and even cyber-terrorists.

From small e-shops to large enterprises, businesses are starving for complex security solutions that provide 360-degree management of IT security, including monitoring, alerting, and reporting of incidents.

To respond to these needs, ICSC develops the Security Operation Centers that can be built from zero or incorporated into the existing IT infrastructure. Depending on your business needs, ICSC can build an integrated solution or integrate stand-alone security modules into the existing IT landscape.

If your company had already run one or several SOC modules, we can offer you to add the missing components to build a more comprehensive solution with higher protection.

Alternatively, your company may need to build the SOC from the ground - in this case, ICSC will offer you solutions based upon the industry-leading systems and customized for your business needs.

Our team has proven experience in implementing the SOC infrastructure with HP ArcSight, IBM QRadar, Splunk and other market-leading security systems.

You know your business, and we know how to protect it with maximal efficiency and minimal investments.
Monitoring systems
systems keep an eye on computers and equipment that are potentially vulnerable. They continuously monitor the key indicators and report the pre-configured metrics
Alerting system
analyzes the monitoring data and generates the alerts if any suspicious activity is detected. If any indicators exceed the threshold values, the alerting will notify the person in charge about an unusual activity.

Imagine an accountant’s PC: is not it suspicious if this computer suddenly starts sending hundreds of emails to external accounts? The alerting system can notify the security officers about this so that they start checking as soon as possible.

Escalation
provides the automatic informing of the security managers about the alerts. It is their responsibility to make sure that the incident is properly detected and the protocol required by company’s business process is activated.
Investigation
is required to make sure that the incident is not left without proper reaction. The security officer must detect the suspicious activity source, its target and eliminate the threat.
Compliance monitoring
is required to ensure that the digital security infrastructure components, as well as the security business processes, comply with the industry standards. These type modules are highly demanded as the attack diversity and complexity grow from day to day, making it difficult to manually evaluate the security circuit compliance.
Incident logging module
provides recording of all activities taken by the company as a counter reaction to the detected threats. This includes logging of the initial behavior of the attacked systems, the actions taken by the security officers to stop the distribution of the aggressive code, and any other information related to the incident.
Reporting module
summarizes the information received from other systems by incident type. Such summarized documentation provides detecting the inconsistencies in stand-alone systems and in the corporate security processes, making it possible to introduce the improvement strategy for corporate security infrastructure.
Penetration Testing

When companies expose their services through the internet, they inevitably face the risk of being attacked by hackers. Whether you run an e-shop, provide telecom services, internet banking or offer a trading platform, your services become public, meaning that virtually anyone may find vulnerabilities and gain unauthorized access to your resources and data.

By offering penetration testing, ICSC helps companies to find the security gaps in their public services. Our professionals will imitate all attack types trying to identify any possible security gaps. After the penetration testing is done, we will provide you with detailed analysis and offer you the implementation plans to eliminate the identified problems of your security infrastructure.

How we do that? We offer three types of penetration testing:
Black-box testing

We imitate an attack on a public resource of your company. According to this scenario, we know nothing about the internal architecture of your system or security software used by you. We try to gain unauthorized access to your resources by finding vulnerabilities in your public system.

Gray-box testing

This scenario assumes that an attacker has received some knowledge about the internal systems of your company or its business processes. In real life, it may happen if somebody from the company staff is helping attackers by providing them with private information.

Apart from that the gray- and black-box testing are similar. As a result, you will receive an analysis of the security problems in your services.

White-box testing

The white-box testing imitates an in-house attack. Imagine a person who is working for your company and trying to access data or services that she/he is not authorized for. Having access to your internal network and some security infrastructure knowledge, such persons may try to hack your company resources. This is extremely dangerous and may lead to dramatic consequences.

During the white-box penetration testing, ICSC specialists will imitate such attack types. We will test the access privileges and rules for various user categories, run the scenarios for different user roles. This comprehensive security check will help you to identify the problems in your internal infrastructure and update the security rules and policies so that attacks from the inside become impossible.

Managed Detection and Response

Fast-growing companies often do not pay much attention to security. They just don’t have enough time, enough knowledge, and enough financial resources to build the comprehensive security infrastructure. Their primary focus is far away from that, and they may be feeling much excited about their bright opportunities until they suddenly become a cyber-criminal victim and their business is ruined. No matter how far your business is from IT, the security does matter for you.

So what is the solution? How can you minimize your investments in IT security systems and receive reliable cyber protection for your business?

Security outsourcing is an answer. No need to invest millions into the security systems, no need to hire security officers and build expensive infrastructure, especially if it is not directly related to your business goals. Outsource security with ICSC and get Managed Detection and Response as a service.

We will take over all security responsibilities, including infrastructure, business processes, software, networking and all required staff for it, helping you to concentrate on your primary business. ICSC will develop an individual security outsourcing plan which the best matching your business model and requirements.

Forensic Analysis

Sometimes companies are able to identify that unusual activities take place in the corporate infrastructure. These may be unexpected attempts for data exchange with remote computers, mass sending of emails, continuous scans of internal resources, etc. You may realize that something is wrong in your network, but you cannot figure out the reason and detect the compromised assets.

ICSC specialists can help you with that by performing the forensic analysis. First, we will identify the root source of abnormal behavior: be it an infected computer, network vulnerability, or in-house attacker. Then the investigation will start: by collecting the data from your environment, we will gradually build the ‘big picture’ and understand how the malware got into the corporate network, what the entry point was, and what this attack target was. And, finally, the most important: what data has leaked and where.

Most probably a forensic analysis will not help you to return the leaked data back. However, it will help to minimize the loss, identify the attack source and structure, and introduce the security improvement plan that will protect your infrastructure from the similar attacks in future.

History
  • Today, ICSC is ready to provide security inspection, testing and investigation services at a high professional level for clients.
  • International Cyber Security Center is a number of leading companies that have combined their experience for more than 10 years in the Eastern European market. Our team core competencies are in developing and integrating the solutions for detecting and preventing the cyber threats, penetration testing, investigation of information security incidents, a creation of the CSIRT centers for various large and medium-sized companies.
  • The International Cyber Security Center represents a combined experience of 1,000 implemented projects in more than 300 large commercial and state-owned companies to investigate the cyber-attacks and cyber threats.
  • International Cyber Security Center includes more than 40 professionals and developers in the field of cybersecurity and they have been winning clients’ trust ever since.
image

Institute of Physics and Technology

one of the scientific-teaching departments of the Igor Sikorsky Kyiv Polytechnic Institute was founded in the February 1995 year. Institute trains specialists in modern sections of Applied Physics, Informatics and Informational Security.

Security systems integrators

with more than 10 years of experience in the Eastern European market

Technopark “Kyivska Polytechnika”

Science park "Kyivska Polytechnika" was created on the basis of the Igor Sikorsky Kyiv Polytechnic Institute – the association of business entities, created on the principle of combining the possibilities of education, science, production and business by coordinating the implementation of innovative projects. Today, the Kyiv Polytechnic Science Park consists of 110 high-tech companies from Ukraine, the USA, the EU, China, Japan, Australia and 10 venture funds, which start and bring modern high-tech markets to modern startups. http://kpi.ua/
Ukraine took the first place in Europe in terms of the number of IT-specialists.
To date, more than 100,000 Ukrainian programmers work in different companies, while the demand for IT-staff continues to grow in the global market.
This is the profile edition of IT Outsourcing News (http://itonews.eu/report-ukraine-powerhouse/)

Contact Us
International Cyber Security Center
General inquiries
info@icsccorp.com
Headquarters
4100 Newport Place Ste 255
Newport Beach CA 92660
United States
Tel. +1 (310) 926-9589