세븐 포인트 보안 솔루션

Comprehensive Approach to Security

Best-in-class security consulting, managed & support services. Includes advanced approach to patching & compliance needs. We bring a proven, layered, defense-in-depth system to future-proof security environments for digital transformation.

Security Support for Critical Technology Stack Components

Unified security & unified visibility across the application, middleware, database & operating system layers. We provide services to identify, prevent and combat threats for legacy systems.

World-Class Expertise & Experience

Industry expertise, best-in-class tools & strategic partnerships. Our seasoned experts ensure tightened security controls & compliance measures across the software infrastructure ecosystem.

Our Security Philosophy

We deliver a layered, Defense in Depth approach to security.

This means targeting the weakness category (CWE) rather than chasing individual historic threats or CVEs or trying to predict future CVEs. Addressing individual vulnerabilities is counterproductive. Many are active but not yet discovered, and others are still exposed because the patches did not work.

Our proactive approach future proofs the security of your environments.

We use hardening techniques and compensating controls to ensure your systems can pass penetration testing and audits. This comes standard with our third-party support. Using CIS & STIG Benchmarks, we guarantee you a more secure environment.

Spinnaker Support의 세븐 포인트 보안 솔루션

Vulnerabilities and exposures now arise from a variety of external and internal sources, and effective security must address the full technology stack. Download the Security Services Solution Brief.

From our initial risk review, our team of experienced engineers adhere to the Seven-Point Security Solution, shown below. An established framework that combines proven people, processes, and technology to resolve issues as they occur and deploy the necessary tools and techniques needed to proactively maintain a secure application environment.

  • Discover & Harden
  • Security Incident Response
  • Threat Intelligence
  • 1. 커스텀 리스크 검토

An audit and risk review for your systems, including reports with recommendations on configurations, encryptions, access management, and best practices and guidelines. This feeds into Attack Surface Reduction.

  • 2. 공격에 취약한 부분 감소

We advise on how to properly configure and harden applications, operating systems, servers, databases, and networks.

  • 3. Compliance Audit Support

Consultative services designed to adjust your audit controls in order to be in compliance with attestations such as SOC2, HIPAA, GDPR, and PCI. 

    • 4. Vulnerability Support

    Submit a ticket at any time for security-related activities and to address vulnerabilities. We use compensating controls (external to application code) to mitigate security risk.

    • 5. 보안 리소스 라이브러리

    Includes white papers and solution briefs on a wide range of topics related to security that we can share with any of our customers.

    • 6. Proactive Security Tooling

    A portfolio of security products designed to implement the Spinnaker Security Philosophy across a range of Oracle products.

    • 7. Risk Assessment Bulletin

    We monitor Oracle CVEs and publish periodic email bulletins for customers. These include CVE descriptions and offer best practice recommendations.

    Seven-Point Security vs. Software Publisher Patches

    We understand that some enterprises considering third-party support are concerned about the loss of quarterly software patches for critical vulnerabilities and exposures (CVEs). While SAP supplies its customers with most security patches even when not on SAP Support, Oracle does not offer customers access to security tools after they leave its support program. 

    While code patches do block vulnerabilities, the reality of the software patching process often does not meet its promise.

    오른쪽으로 스크롤 »

    The Reality of Software Patching

    Our Response on Patching

    타이밍Patches are not timely (can be months or years late).Virtual patching tools and proactive monitoring provide near-immediate protection.
    SPECIFICITY패치는 천편일률적이며 사용자 맞춤화에 문제가 될 수 있습니다.You should only have to receive the fixes you need.
    버전Patches may not be available for older versions and applications.By addressing issues at the infrastructure level, you protect the entire stack, regardless of app versions.
    TESTING패치를 테스트하고 설치하려면 귀중한 시간을 들여야 합니다.For CVEs, methods such as virtual patching save valuable time by cutting short testing and installation.
    APPLICATION많은 조직이 운영상의 제약으로 인해 패치를 적용하지 않거나 정기적으로 적용하지 않습니다.Organizations must remain vigilant for CVEs and not rely on patches that may not actually solve the issue.
    Solution Brief

    Spinnaker Support Seven-Point Security Solution

    Our Seven-Point Security Solution replaces a sole reliance on patching with a stronger framework that covers a wider range of security issues. Our refined approach begins with an initial risk assessment and continues with ongoing vulnerability management. Through people, process, and technology our global security professionals continue to work until the security issue is properly addressed and the risk is mitigated.

    자세히 보기
    Solution Brief

    Software Publisher Patches vs. Spinnaker Support Security

    When organizations consider switching from publisher to third-party software support, it’s common for them to have questions regarding patching and security risk. Spinnaker Support addresses those concerns with our standard Seven-Point Security Solution, which exceeds the performances of patches as a CVE solution. From day one of the customer experience, we use a multilayered approach to replace security patches and updates with a holistic approach to security.

    자세히 보기

    Proactive Security Tooling

    As a part of our Threat Intelligence, Spinnaker Support has partnered with commercial vendors to implement our security philosophy and offer protection to organizations that want or need these additional tools. We are responsible for all installation and training, some of which can take less than a day.

    Our current selection of products includes middleware protection (Waratek), database protection (McAfee), and operating system protection (Trend Micro Deep Security). For additional details on our Security Solutions, please contact us directly.

    Tech Stack

    Spinnaker Support takes your data and application security seriously

    Security is standard to all our operations. This philosophy is embedded in how we support our customers, and we deliver security solutions designed for your unique set of applications and systems. 당사의 자체 운영에 적용하는 것과 동일한 엄격한 표준을 사용하여 보안 및 컴플라이언스 조치에도 투자합니다.

    Spinnaker Support는 민감한 회사 정보 관리를 위한 ISO/IEC 27001:2013 인증을 모두 받았으며 품질 관리 원칙을 위한 ISO 9001:2015 인증을 받은 최초의 제3자 지원 제공업체가 되었습니다. Spinnaker Support는 EU-U.S. and Swiss-U.S. Privacy Shield 프레임워크Cyber Essentials 인증을 받았습니다.

    ISO 9001 Quality Logo
    Certified IBMS Logo
    Cyber Essentials 로고
    Privacy Shield Logo

    경이로운 유지보수 서비스를 경험할 준비가 되셨습니까?

    훨씬 저렴한 비용으로 특별히 맞춤화된 기업 소프트웨어 지원을 제공할 수 있는 방법에 대해 자세히 알아보려면 무료 컨설팅을 요청하십시오.

    Powered by Translations.com GlobalLink OneLink SoftwarePowered By OneLink