MBR Technology provides full-scale security assessment and planning services for components of IT infrastructures:

We help our customers identify security risks and determine measures to mitigate them by offering our competencies in the areas listed below.

Our security experts offer ways to monitor the robustness of your cyber environment against security threats, identify vulnerabilities in your network or applications, improve the performance of your information security solutions and ensure that your sensitive data is protected.

We uncover security gaps in the components of our customers’ IT environments. MBR Technology’s security team carefully checks the level of protection of your IT infrastructure and defines measures to reduce the number of vulnerabilities in your network and applications.

The complex of security testing services includes:

Infrastructure safety audit
Our security team assesses your IT infrastructure to identify vulnerabilities in the following areas:

• Security policies and procedures.
• Security monitoring tools.
• Physical access control.
• Configuration management.
• Version control.

Compliance test
Our security engineers perform automated and manual scans of your IT environment and its elements to ensure your compliance with PCI DSS, HIPAA and other regulations and standards. The security team provides you with a detailed letter of attestation based on the test results.

Vulnerability assessment
MBR Technology performs automated and manual security assessments to identify vulnerabilities in its customers’ IT infrastructures. Our security testing team identifies, measures and ranks network security weaknesses. Based on the results of the assessment, we make recommendations to our customers to help them eliminate security risks.

Penetration test
MBR Technology’s security testing team identifies system vulnerabilities, verifies existing security measures and provides a detailed remediation roadmap. Equipped with specialized tools and industry-specific test scenarios, the team performs penetration testing according to one of three approaches:

• Black box test. We work in near-realistic conditions, with strictly limited knowledge of your network and no knowledge of the security policies, network structure, software and network protection used.
• The gray box test. We examine your system, which has some information about your network, such as user login details, architectural diagrams or an overview of the network.
• White box test. We identify potential vulnerabilities using administrator rights and access to server configuration files, database encryption policies, source code or architectural documentation.

MBR Technology’s security testing team evaluates the stability of your infrastructure and its components by testing them beyond their normal operating capacity using specialized tools such as Siege and Apache JMeter. To emulate denial of service (DoS) or distributed denial of service (DDoS) attacks against your network or applications, we apply our expertise to

Determine whether the robustness of the software or hardware is satisfactory under stress conditions (e.g. heavy network traffic, process loading).
Identify possible errors that may occur if the system is overloaded.

Poorly coded and poorly protected applications can put a company at risk and cause data breaches. MBR Technology offers its skills and knowledge in assessing and testing the security of applications (web, mobile, desktop), as well as finding ways to help its clients ensure the effective protection of corporate data stored locally or remotely.

Every programming language has quirks that can cause security vulnerabilities during the development phase. MBR Technology’s security experts detect existing problems before your applications are “published”.

Our security engineers conduct automated and manual security code review and communicate with senior developers and architects (if required) to help you do the following:

• Detect bugs introduced into an application during development to improve software quality and increase the level of protection.
• Highlight weak points in your application’s source code where vulnerabilities can occur.
• Find the most cost-effective ways to eliminate security weaknesses identified in applications.

With the proliferation of mobile devices, mobile applications and programs used in corporate networks, businesses are faced with the need to manage and secure their usage. MBR Technology offers their expertise in implementing appropriate device management policies and applying control measures to the installation of new mobile applications.

Our security testing team has extensive experience in properly installing and tuning mobile device management (MDM) and mobile application management (MAM) solutions such as Microsoft Intune to ensure mobile security. We can fine-tune the mobile security services you choose to implement and set policies accordingly for the following:

• Ensure that devices (both corporate and personal) and applications comply with your internal security policies and requirements.
• Control how your employees use and share corporate information through their mobile devices and the apps they use.

MBR Technology helps its customers secure cloud solutions. As a Microsoft Partner, we have the experience necessary to set up custom security components such as Azure Security Center, allowing for security management and threat protection across cloud workloads.

MBR Technology security engineers can implement appropriate cloud security measures and configure cloud protection solutions to ensure that

• Continuous and efficient monitoring of the security of your cloud applications.
• Analysis of event logs from your cloud solutions and instant detection of suspicious activity.
• Remediation of security weaknesses potentially present in your cloud environment.
• Implementing the necessary security policies to ensure that your cloud solutions meet appropriate security standards.

MBR Technology’s security experts ensure that a website, web application or web services are properly protected.

• Our security testing team performs a vulnerability assessment to check whether appropriate encryption, authentication and other security measures have been implemented in a web application, a web service or a website.
• Based on the assessment results, our security engineers provide customers with valuable recommendations on how to improve the protection level of their web solutions .
• We offer penetration testing services (as a one-off or regular service) to provide our customers with detailed information about the real security threats they may face and to identify the most critical security weaknesses.

In particular, by improving corporate network security, you can reduce the risk of falling victim to privacy fraud, identity or company proprietary information theft, Man-in-the-Middle and DDoS attacks.

We apply multiple layers of defense to protect your corporate network and the sensitive data stored within it. MBR Technology’s security engineers know several ways to keep your private information safe and reduce the likelihood of successful attack attempts against your network.

MBR Technology’s security engineers offer their knowledge of IBM Security QRadar to provide you with a 360-degree view of your IT environment and obtain accurate analytical data on security incidents in real-time with a QRadar-based SIEM solution.

We offer a full range of QRadar-related services.

• QRadar consulting services. We help you develop a relevant strategy to seamlessly integrate QRadar into your corporate IT environment.
• QRadar deployment architecture design. We collaboratively prepare the technical design of your QRadar in accordance with predefined system requirements, making it an integral part of your security network.
• QRadar deployment. We deploy QRadar to ensure the proper functioning of its modules and the high performance and scalability of the platform.
• QRadar fine-tuning. We connect log sources to QRadar, normalize the data flowing to it, configure its modules to handle events from multiple network objects, develop custom correlation rules to allow QRadar to uncover complex attacks and correctly detect security crimes.
• Switch to QRadar. We shift your SIEM solution that does not meet security requirements to QRadar so that the platform can help you identify and respond appropriately to emerging threats.

For enhanced health checking of a QRadar solution, our SIEM consultants have developed a standalone QLEAN tool for IBM Security QRadar SIEM.

What QLEAN does:

• Provides automatic monitoring of QRadar performance.
• It checks various key QRadar performance parameters such as EPS and FPI statistics, incoming log data quality, events and streaming timelines.
• It evaluates the received data with more than 50 operational metrics and 25 health flags and reports the platform’s performance issues to QRadar administrators to investigate them one by one.
• It detects potential deviations in QRadar performance that could prevent security experts from seeing the true state of security.
• It recommends further improvements to the QRadar configuration to eliminate the resulting drops.

In case a company decides to implement a specialized online solution like CloudFlare to protect its networks against DDoS attacks, MBT Technology has security experts with the skills to properly implement and configure such solutions. Our security engineers set them up like this:

• Prevent network outages due to abnormal amounts of malicious traffic.
• Keep the components of your IT environment in a state of high availability.
• Quickly analyze cyber-attacks in case they occur and allow you to adjust the security policies implemented within the company network to avoid such cyber-attacks in the future.

We help our customers keep their corporate information secure in e-mail communication and protect it from unauthorized access, loss, etc. we can help keep them safe. MBR Technology’s security experts will protect your network against phishing, spam, malware and other attacks against email services. Having worked with solutions offered by major vendors such as FortiGate, Microsoft and Cisco, we have gained the necessary experience to

• Integrate an email security solution of your choice into your company’s infrastructure to ensure smooth operation.
• Set the selected email security service to prevent your sensitive corporate data from being lost or (deliberately) inadvertently shared by your employees via email.
• Properly configure your email security solution to reduce the likelihood of your company facing email security threats.

MBR Technology’s security team implements and determines the security rules of specialized solutions to control incoming network traffic, scanning it to detect and block possible attacks. We offer you the following cyber security measures for your application:

• Hardware or software firewall protection to prevent identity theft, malware, online fraud and other common cyber threats from the Internet.
• An intrusion detection system (IDS) to instantly alert your system administrators about suspicious activity on your network and an intrusion prevention system (IPS) to block attacks before they become serious security issues .
• A data loss prevention (DLP) system to prevent critical corporate information from leaving your network due to careless behavior of users.

MBR Technology’s security engineers configure antivirus protection for

• Improve the security of the network from viruses, spyware and other types of malware from the internet or external drives.
• Increase your network’s protection against phishing and spoofing internet attacks aimed at stealing your sensitive data.
• Give your system administrators enhanced control over all web activity happening on your network to prevent various types of cyber threats from affecting the security of your corporate data.
• Remove potentially harmful software and threats, preventing them from traveling further inside your network.