Brief

Poker is not the only game you can find online where you can stake real money. Casinos have built entire platforms and gone online. More and more users join together on the internet playing games, and the entertainment industry has not fallen behind.

But does the industry really know how to keep up with everything that is at stake?
Has the software your business is offering been developed with security practices in mind? Has it been audited? Is your online platform protecting your users, and is their data safe? Are you prepared to give an incident response? Is your infrastructure able to detect and prevent intrusions? Have the people you work with been trained in a security awareness program?

If you do not know how to answer any of these questions, this is where we fit in.
Let us help.

Most executives do not realize the urgency to quickly contain an incident, the consequences of them, such as data leaks, gaming outcome manipulation, gaming unavailability, direct impact on company’s image, users respect, and in some cases, we are talking about being unable to fulfill service level agreements (SLAs).

Everything we're mentioning translates to huge losses, and some may be irrecoverable for some companies.

What are we offering

Our team has broad experience implementing solutions to cover the aspects that need to be taken care of to answer the previously stated questions.

Whether you are an experienced business in terms of information security, or you are just recently started, we run as an intermediate between your company and regulation entities, providing services to generate reports that ease licensing processes.

Among the possibility to certify for ISO 9001 and ISO 27001, we include certifications for our online Awareness Security program.

How do we do it

In this section, we're going to cover two different strategies. This is, to no extent, a broad or detailed explanation of our entire process, but a general base to give our clients an idea of how do we work on the offense and defense.

On the offense

In this process, we basically try to find flaws and see what an attacker may find if they were to have the knowledge we have.

1. Pre-planning & Prep
  • Information gathering & Analysis
  • Scope definition
  • Agreement
2. Audits stage (depends on several factors)
  • External audit (public accessible, websites, web app)
  • Internal audit (servers, network)
  • Audit to custom software/game app
    • Mobile App
    • Desktop App
3. Vulnerability management
  • Known vuln. identification for each asset
  • Exploitation
  • Post-exploitation
4. Deliverables
  • Audit report, specific per asset
  • Vulnerability report, specific per asset.
    • What vuln and where.
    • How to fix.
Protection suggestions

A company tailored proposal for protection depending on previous assessment and current infrastructure (see the following section for more information).

On the defense

With Security Information & Event Management, you get to get a whole picture of the security state of your network and endpoints.

With a SOC-as-a-Service, cyber-security specialists will be by your side working dedicated to getting the fastest possible threat detection and alert consolidation.

And finally, with an expert team 24/7 continuously identifying threats and responding to incidents, you get to have a Managed Detection & Response solution.