Full list of services
PCI Software Security Framework Services (PCI SSF)
The PCI Software Security Framework (PCI SSF) is intended for vendors who develop payment applications or applications related to payment functions. The framework consists of the Secure Software Standard and the Secure Software Lifecycle Standard. We can help with training, preparations for the validation, and remediation of non-conformities, and we perform the validation itself. A successful validation results in the application being listed by the PCI Security Standards Council as Validated Payment Software. Note: The PCI Software Security Framework replaces the PCI PA-DSS Standard. PA-DSS will be retired in October 2022.
A
Access Management for Privileged Users
With privileged access management, the privileged users of your various clouds can be managed in a controlled fashion. When planned properly, strong access rights are protected so that malicious users have a harder time reaching privileged accounts, which reduces breaches, while legitimate users benefit from simpler access to the various cloud services.
When moving to the cloud, agility and speed are key, and as a result the management of privileged users may initially be seen as a burden. These users may include root or admin accounts, privileged user accounts, service accounts, application accounts, or domain admin accounts. The burden is often initially ignored, resulting in privileged rights being shared across different organizations and companies, e.g. the cloud service provider, application developers, the system integrator, internal developers, etc. As the number of different clouds and privileged users grows, managing them becomes very time-consuming or a less secure practice. Additionally, accounts with higher access rights than regular users, i.e. privileged accounts, are frequently misused in breaches.
B
Bug Bounty Program
Most organizations have an increasing number of applications and servers to serve customers, partners, and employees, creating a complex environment to manage. A private bug bounty program will assess your security with a black-box view, like a cybercriminal looking for the weakest points. A bug bounty program does not entirely replace the need for more traditional assessments or security engineering work. However, it cost-effectively complements them and helps you improve security in an agile manner.
We will set up the bug bounty program for you. We work together with the leading bug bounty platforms, and our expert team helps define the digital boundaries where external hackers are allowed to operate. Our professional bug hunters, with proven skills and track records, will search your systems for anything that a malicious actor could use. Once a weakness is found and confirmed, we report it and help you fix the flaw.
Contact us for more information about our bug-hunting services.
Business-to-business and business-to-consumer IAM
Whether you are doing business with consumers or other companies, digital channels are a significant part of providing the service. To provide your users access to the right resources, information and support, you need to identify them first. Digital identities are an essential piece of the puzzle when you want to provide personalized, secure, and privacy-aware services with enhanced user experience for web and mobile applications, APIs, and face-to-face services.
We have years of experience building and maintaining Business-to-Consumer (CIAM) and Business-to-Business identity and access management solutions that help you develop and offer secure and privacy-aware solutions with reliable identification, authorization, auditing, and analytics.
Want to know more? Contact us. You can also read more about our customers and projects:
- Case: VASTUU GROUP - Using the MyData operator network to ensure smooth data flow between different organizations
- Case: DNA - Improving customer experience through smooth online services
- Case: POSTI – Identifying customers online and offline
C
Certification of electronic identification and trust services
The amendment of the Act on Strong Electronic Identification and Electronic Trust Services in Finnish legislation, which entered into force on 1 July 2016, requires service providers of strong electronic identification and electronic signatures to assess their compliance and deliver proof of compliance to the Finnish Communications Regulatory Authority (FICORA).
We are a certification authority approved by FICORA and provide customers with electronic identification and trust service assessments. We are an excellent partner for these assessments, as we also have extensive experience with many other security frameworks.
Cloud Platform Security
Our specialists support building your cloud environment according to recommendations provided by the vendor as well as our own experience derived from working with various cloud technologies and being a member of the Cloud Security Alliance (CSA). With our help you can rest assured that your cloud services are built securely to ensure proper business outcomes and continuity.
When ramping up Infrastructure or Platform as a Service, several services can be taken into use quickly by several parties to decrease time to market. However, taking into account all the security recommendations that are relevant for all parties and all services may be cumbersome. If these are not addressed properly, the end result may be a solution that is sub-optimal security-wise. Such shortcomings may be costly and time-consuming to address later in the service lifecycle, possibly leading to downtime for the business and, in the worst case, loss of critical business data and reputation.
Cloud Provider Assessment
We can help assess the relevant risks of different cloud providers, be it through a technical assessment or an administrative, risk-based approach, to ensure that all the relevant measures and controls are in place to protect your business. Furthermore, we can help you assess whether the certifications that the cloud providers hold are relevant to you and cover the relevant operations. When adopting new cloud services, we help ensure that the services are safe to use.
As companies have started adopting cloud at an increasing pace, several cloud providers have started offering specific services for different business units, be it HR, Sales, Finance, or Marketing. The benefits of these new solutions are often invaluable; however, prior to moving business-critical operations and data to the cloud, these providers should have sufficient security measures in place.
Cloud Security Framework
We help our customers draw up a Cloud Security Framework to support their transformation, based on methods we have developed over the years as well as knowledge developed with the Cloud Security Alliance. The result of the Cloud Security Framework is a model that identifies and mitigates the risks through safe processes covering, e.g., vendor lock-in, necessary controls, permitted data, and availability.
Generally, organizations have a cloud strategy or an idea of which cloud services to use and for which use cases. The benefits of the use case are generally well drawn out and compared to the costs of implementing the cloud services. However, the risks associated with the use case are often not well defined, if at all. This may result in decisions being made on an incomplete business case and, in the worst case, in a situation where remediating all the risks is difficult.
Cloud Threat Modeling
When moving to the cloud, we help you ensure that the relevant risks are identified and can be addressed accordingly. Our specialists can utilize different threat modeling frameworks to help define which one is most relevant for your business. We have vast experience in conducting threat modeling and analysis for products and services. The main benefit of Threat Modelling is to identify relevant threats and risks to provide valuable information for rational security investments and decisions.
When adopting cloud services or building them yourself, a generic model for security investments is often applied across the project without clear visibility into what the real threats and risks are. It may therefore be challenging to see the whole picture and judge whether the investments are reasonable and provide the appropriate value for that specific use case.
Collaborator security audit
The Collaborator Security Audit Service gives customers the possibility to verify that the security status of their partners and collaborators does not create unacceptable risks, that the contractual requirements for security are followed, and that the processes and security governance of collaborators are sound and in line with industry best practices. A Nixu auditor identifies the business-critical assets that are exposed to collaborators and verifies either that the contractually agreed security controls protect these assets or that the assets are protected according to industry best practices.
Compliance Assessment of Identification and Trust Services
We also assess the compliance of identification and trust services. A legislative amendment that entered into force in 2016 requires all service providers providing strong electronic identification and electronic signatures to perform a compliance assessment and submit the assessment result to the Finnish Communications Regulatory Authority. The providers of identification devices, identification services and identification brokering services are all considered to be service providers. Requirements are largely based on the EU eIDAS regulation and commonly applied standards, such as ISO 27001.
Continuous Vulnerability Status Measurement for Web Applications and Computing Platforms
Applications need to be developed fast and sometimes speed is the enemy for quality and security. What about the server software you just purchased? Is it free from plaguing security vulnerabilities that can cause you expensive downtime? And does your IT service provider install security fixes swiftly after they have been released?
By applying continuous web application scans to applications and computing platforms that are accessible via the Internet, your organization can be assured that the most obvious software vulnerabilities are discovered and reported. Continuous scanning significantly reduces the probability of production failures and other disturbances. Timely reporting ensures that the responsible parties can execute prioritized remedy actions on your most critical computing assets.
We measure your web applications’ threat exposure from an information security point of view. When vulnerability scans are continuous and automated, the effectiveness of the Vulnerability Management process as a whole is also measured, by revealing the remedy rate of the vulnerabilities found.
Our service covers the scanning technology and its maintenance, including the required license, regular vulnerability scans of the selected applications and IT infrastructure platforms, reports on the results, and 24/7 support and a contact point in the Nixu Support Center.
CSA STAR
The Cloud Controls Matrix (CCM) developed by the Cloud Security Alliance is a set of criteria aimed at providers of cloud computing services. The key principle is to provide users of cloud services with transparency as well as assurance on the security of cloud service providers. CSA STAR certification can be obtained on top of ISO 27001 certification.
Cyber awareness program
We tailor a cybersecurity awareness program to ensure a perfect fit for your organization's operational environment. Depending on your needs, we will adjust the awareness program content from general security topics to in-depth technical knowledge in your domain of expertise. The awareness program can include, e.g., e-learning, nanolearning, face-to-face training sessions, exercises, testing, and special events such as escape rooms.
Cybersecurity event
According to your requirements and expectations, we create a time-limited program for cybersecurity education: a cybersecurity day, week, or even a month. The program's target is to raise personnel awareness of cybersecurity threats, to promote cybersecurity in everyday life, and to provide means to protect oneself online. The event program contains lectures, exercises, and tips about good practices. The activities can range from brief sessions for teams to simulated phishing attacks over e-mail.
Cybersecurity exercise
A cybersecurity exercise helps your organization improve and accelerate its ability to react to, e.g., data breaches, recover from them, and reduce their impact. After the training, your organization has better capabilities to detect and deter cyberattacks before your operations are compromised. In the exercise, we simulate a crisis that the participants solve by following existing processes and documentation. The simulation also serves as a means to improve the procedures and documents.
Cybersecurity Roadmap
The changes in your digital working environment may be rapid. However, you can still ensure that you are doing the right things to develop your cybersecurity optimally. We help you to improve the cybersecurity maturity of your organization and plan a roadmap. This way, you can efficiently plan and prioritize cybersecurity investments. We give you a 360-degree view on your cybersecurity maturity level compared to the international framework and industry best practices.
Cybersecurity training
We help spread knowledge and readiness in cybersecurity within your organization with the classroom training sessions or via online self-study. Each method has its merits; classroom training can be very interactive, while online training fits more easily into employees' busy schedules. We customize and deliver the training according to your wishes, utilizing the extensive experience of arranging cybersecurity training for small and large organizations.
D
Dedicated support
Nixu Dedicated support provides ‘Peace of Mind’ by delivering support services to organizations running an Identity & Access Management portal and/or security-based solution. Through our services, we enable reduced costs, business continuity and an SLA that matches both technical and business requirements. Based on our knowledge, experience and expertise, we are able to adjust our services to match your expectations. We are committed to delivering dedicated, proactive and trusted continuous support services for a more agile business.
Nixu Dedicated support has global coverage and is ISO 27001 certified.
Our 24/7 Service desk monitors your business’s critical Identity & Access Management solution, enabling pro-active responses, prevention and immediate corrective action.
Solution support provides a single point of contact, which acts as a link between your suppliers, vendors and system integrators to facilitate resolution of your requests.
Vendor support is for software vendors that develop Identity & Access Management and security products. We operate as an extension of your organization, bringing global coverage 24/7, multiple languages, and deep technical expertise.
DevSecOps maturity assessment
Do you want to embed security into your software development lifecycle, but you aren’t sure where to begin? Our Road to DevSecOps service is the perfect fit for you.
We will start with a current state review from two perspectives: processes and technology. Based on your strengths and existing tool stack, we will create a DevSecOps roadmap for you, with prioritized next steps. We will help you transform your DevOps into DevSecOps with actionable steps. With our DevSecOps experts' structured evaluation approach, you will get:
- A maturity review of your current processes in development, testing, and DevSecOps practices. You will learn how your organization is doing compared to others within the industry.
- Evaluation of your existing tools for security automation and orchestration.
- Code scanning proof-of-value to explore the effectiveness of static application security testing (SAST) for your applications.
- Recommendations for an optimized tool stack.
- A development roadmap with prioritized next steps.
Our professionals have experience in software development, test automation, and information security. We will help you secure your development lifecycle. Contact us for more information.
Digital Forensics and Incident Response (DFIR)
Efficient cyber incident response reduces the duration of the interruption and saves money. Our 24/7 service of handling cybersecurity incidents and digital forensics investigations ensures that you can react fast and get back to normal as quickly as possible.
Our highly skilled professionals will efficiently resolve any cyber incident you might encounter using various malware analysis methods, reverse engineering, memory and file forensics, and combining the data with threat intelligence information. You will get:
- Our 24/7 on-call service with a predefined price, reaction time, and costs.
- Professional lead incident handler and a team of incident handlers and forensics investigators with access to the latest specialized tools.
- A full report of the incident, including executive summaries, analyses, recommendations, and lessons learned.
- Local incident response and forensics team in Finland, Sweden, The Netherlands, and Denmark. We provide both on-site and remote assistance.
To ensure that your organization gets the most out of our service, we begin with a service ramp-up project. Our Digital Forensics and Incident Response team takes responsibility for handling incidents from the time you contact us to the moment the security incident has been resolved and your business is back to normal. Contact us for more information.
Digital identity business advisory
Are you looking for someone to translate and map your business needs to identity and access management (IAM) vendors' solutions? Or maybe you need someone to implement and maintain an IAM solution? We support you in all your digital identity needs.
We provide consultation services and help you to, e.g., fine-tune your IAM policies and secure your digital identity processes. We can support your work with IAM vendors and conduct pre-studies. Our experienced IAM architects can design an IAM solution that fits your business needs and deploy, operate, and maintain it for you. With our service, you'll get:
- A dedicated digital identity consultant as a contact point and the experience of the entire team. We can also provide you with our large competence pool of extensive knowledge of cybersecurity and privacy.
- Business needs interpreted into technical requirements.
- Support for design, deployment, and maintenance.
We help you solve your IAM challenges. Contact us and ask for more information.
DPIA - Data Protection Impact Assessment
Conducting a DPIA supported by Nixu ensures a reliable, verified process with input from a multi-skilled team of technical and legal privacy experts. The process goes beyond the mere identification of risks and includes suitable mitigation measures for your organization. Nixu's method comprises use case and process workshops in which both technical and legal points are covered. We draft data flow maps to bring clarity to the processing activities, conduct a full assessment of risk with all expertise areas covered, and produce a comprehensive DPIA report. The DPIA results are methodically reported, including a specific description of the processing with additional data flow maps, an expert assessment of the necessity and proportionality of the processing, a full and compliant assessment of the risk to individuals, and the legal, technical, and organizational measures to address the risk. The DPIA report delivers the proof of compliance required by authorities and organizational partners.
DPO as a Service
Nixu’s Data Protection Officer (DPO) as a Service ensures your organization’s designated DPO has extensive legal, technical and managerial privacy expertise. Your tailored DPO will be accessed through one main contact backed up by a multi-skilled team, guaranteeing availability also during holiday seasons and yearly flu epidemics. The DPO will handle and coordinate expert non-operative GDPR tasks such as contact with authorities, privacy training, DPIA specialist advice, reviews of accountability documentation and managing of data breaches. This specialist service stays up to date with privacy legislation and ensures you have the right items on your organization's privacy steering group.
F
Fintech Security and PSD2
With us you can be innovative. And secure. The new Payment Service Directive, PSD2, is forcing banks to evolve rapidly into open banking. It enables a whole new marketplace for new, innovative financial service providers. PSD2 as well as GDPR bring challenges in meeting the requirements for risk-based security management, continuous security monitoring, and incident reporting. With our help, you can focus on innovative services and leave the security requirements to us. We help you build secure digital platforms and make sure you are compliant with both PSD2 and GDPR.
G
Governance and Compliance
Navigating the complex cybersecurity regulatory landscape can be daunting, but you're not alone. Our Governance and Compliance services are designed to guide you through EU product security legislations such as NIS2, RED DA CS, and CRA. By adhering to globally recognized standards like IEC 62443, ETSI EN 303 645, and FIPS 140-3, we ensure your products are not only compliant but also resilient against evolving cyber threats.
We strengthen your knowledge and capabilities with the following services:
- Gap Analysis
- Compliance Roadmap
- Process and Documentation Development
- Compliance Implementation Support
- Internal Audit
- Training and Knowledge Transfer
- Compliance Monitoring
I
IAM Roadmap
An IAM roadmap is your company’s plan for how to take control of some or all identity and access management processes and activities. The roadmap expresses your desired state of IAM and the concrete steps you need to take to get there. It also serves as a communication tool inside the company.
Whether your digital identity challenges are in the consumer business, B2B services, or your organization's internal identity and access management, we've got you covered. In workshops with all your relevant stakeholders, we'll analyze your identity and access management (IAM) processes and related architecture, and propose solutions that will help you achieve your business goals.
With our IAM roadmap, you will get:
- An objective current state analysis by our digital identity professionals.
- Recommendations on business objectives, process improvements, and possible technology vendors that would fit your needs.
- A roadmap with actionable and prioritized items.
Get your digital identities to the next level. Contact us to ask for more information.
ICS Cybersecurity Roadmap
How can you strike a balance between cybersecurity and safety when digitalizing fast? We help you build an actionable roadmap to improve the cybersecurity maturity of your ICS/OT environments. This way, you can efficiently plan and prioritize cybersecurity investments.
We'll start with a current state analysis taking into account people, processes, and technology. You'll get a 360-degree view of your cybersecurity maturity level in key cybersecurity capabilities, derived from international frameworks, industry standards, and best practices.
Based on risk and our industry experience, we help you set a target cybersecurity state and create a development program to build foundational cybersecurity processes and enable you to protect your ICS/OT environments, detect and respond to incidents and recover from malicious activity.
Contact us for more information on how to improve your ICS cybersecurity maturity continuously.
ICS Security Assessments
Want to know how resilient your ICS is? Our ICS Security Assessment takes an in-depth look into your security-related processes, system architecture, and network security compared to industry cybersecurity standards, such as IEC 61511, IEC 62443, and relevant sector-specific (electrical, chemical, maritime) standards. Our ICS security experts combine architecture and process reviews with threat modeling and technical security testing. You'll get:
- An overview of the weak points in your security controls and processes. All of our security reports are delivered and explained to you by real people – not robots.
- Analysis of potential internal and external threat actors endangering your systems.
- Detailed and actionable recommendations on how to improve your security.
We help you test your defensive capabilities. Contact us for more information.
ICS Security Development as a Service
Your safety and business continuity are our top priority. As a result, we are ready to take the lead in developing and maintaining the security of your ICS environment. In addition to implementing relevant security policies, guidelines, and technical controls, we will benchmark your environments against industry standards and work with you to ensure that your security is optimized for the relevant threat landscape and your risk appetite. Our highly experienced professionals have vast security backgrounds in ICS environments, especially in the oil & gas and nuclear industries.
ICS Security Monitoring & Incident Response
It's essential to monitor industrial environments for malicious activity and malfunctions and to respond to incidents effectively to ensure the availability of vital services. Our ICS/OT monitoring solution covers the monitoring of the industrial control systems, the detection of assets, and the detection of operational, network, and security events within an organization's operational environment. With our service, you'll get:
- Insight into incidents and threats with a combination of human expertise and technology.
- 5x8 or 24x7x365 security monitoring of the ICS/OT environment.
- Direct alerting in case of security incidents.
- Onsite or remote support with analysis of operational errors.
- Onsite or remote support for incident response and forensics.
We help you to react fast to ICS cybersecurity incidents and get back to normal as quickly as possible. Contact us for more information.
Identity and Access Management in the Cloud
We provide the right types of identity and access solutions for organizations, helping you leverage the investments already made, extend these solutions and processes, and find new ways of working when adopting new cloud services or running a hybrid cloud environment. In an optimal situation this is done with minimal visibility to the end user. Our goal is to ensure that the right people get the right access to the right resources at the right times for the right reasons, enabling the right business outcomes. This is especially valuable in cloud transformations.
People in general have become accustomed to the quick usability of services from their consumer-driven cloud experiences, which has driven business cloud services to offer quick and easy adoption. Therefore, cloud services are adopted across organizations at an increasing pace.
However, this may lead to a situation where the cloud ecosystem is scattered across multiple organizations and it becomes difficult to control access to the services. Due to the agile nature of the cloud, users' identities need to be addressed properly to support the service lifecycle. Additionally, there are generally challenges when migrating from one cloud to another or getting multiple clouds to work seamlessly together, be it within the organization or with external partners or customers.
Information Security Team as a Service
We provide you with an information security team as a service. We will coach your team and secure your information. We will lead your information security and make sure that everything works. We do not simply write security guidelines based on identified risks, we push matters forward by giving instant feedback. We also employ proven models to guarantee that processes and people perform as expected. Once we have secured your operations, we will attack you aggressively to see how your defenses will hold. In addition to testing your systems, we will test your personnel using social hacking.
IoT and Product Security
Security should be at the core of every product. Our IoT and Product Security services help you build the required secure product and software development lifecycle (SSDL) capabilities and processes, including:
- Threat Modelling and Risk Assessment
- Secure Component Selection and Review
- DevSecOps Pipelines
- Secure Design and Architecture
- Vulnerability Management
- Supply Chain Management
- Secure Software Development and Training
We also provide technical testing and assessments through our device lab, verifying your product's security level and ensuring your source code is fortified against known and potential threats.
ISO/IEC 27001 Certification Audits
One of our services is ISO 27001 certification audits. ISO 27001 certification is suitable for all organizations that care about their information security, particularly those that wish to prove to third parties that they follow secure practices. ISO 27001 focuses on the information security management system. We also offer the opportunity to combine other frameworks – such as CSA STAR, VAHTI, Katakri, and PCI – in the same inspection.
ISO/IEC 27017 and ISO/IEC 27018
The best practices of cloud computing services are also described in standards ISO 27017 and ISO 27018. Officially, it is not possible to obtain a certification against these standards, but, in the context of the ISO 27001 certification, Nixu Certification Oy can provide the customer a statement of its compliance with these controls.
K
Katakri 2015
Katakri refers to the set of National Security Auditing Criteria that serve to evaluate an organization’s ability to protect classified information of authorities. Katakri is also used as a tool in conducting corporate security audits. Katakri consists of three subdivisions:
- T: for security management
- F: for physical security
- I: for information assurance
While an official Katakri approval requires the assessment of all three subdivisions, an inspection body can issue a statement on an assessment that covers only a certain part of operations.
M
Managed Detection & Response
Traditional antivirus solutions and monitoring tools cannot detect sophisticated attacks. At their best, they force you to work in a reactive mode, responding to incidents in a hurry and trying to minimize the damage. Instead of a hectic hassle, our Managed Detection & Response (MDR) service will secure your business from cyberattacks with a proactive approach, combining:
- Semi-automated threat detection and response service.
- Active defense: dynamic containment and blocking based on detected threats.
- Managed technologies like SIEM, EDR, and NDR to support your defense capabilities.
- Skilled analytics and expertise of our cybersecurity professionals.
- Threat hunting, threat intelligence, and incident response.
With our Managed Detection and Response solution that augments machine-learning and advanced detection technologies with the analytical skills of our cybersecurity professionals, you will get exceptional visibility into the endpoint and network layers to detect, contain, and prevent cyberattacks. With our help, you will be able to:
- Protect your workstations, mobile devices, servers, IoT, and OT devices in the cloud and on-premise.
- Defend against data theft, ransomware, malware, and other known and unknown threats.
- Identify data loss, such as employee credentials or sensitive documents.
- Get access to your real-time data, status, alerts, and investigation details with easy-to-use dashboards that will give you insight into your cybersecurity posture.
Contact us for more information and to get a Proof of Value trial period.
Managed Identity and Access Management (MIAM)
The sudden explosive growth in demand and the changing capacity needs in digital services can be challenging. If your organization does not keep up with maintaining secure digital services and improving customer experience, the end-users might switch service providers easily due to poor user experience. The lack of transparency in data processing and data security is another no-go for many users, so your identity handling processes must inspire confidence.
Nixu Managed Identity Service (Nixu MIAM) is a turnkey solution providing you with an all-inclusive digital identity journey that meets your digital business requirements – privacy-by-design and security built-in. We will take care of running, hosting, and continuously improving the service.
Nixu MIAM focuses on consumer and business-to-business identity and access management, but the technologies behind the service are also able to provide identity governance (IGA), IoT device management, and workforce IAM capabilities.
Contact us to ask for more information.
Managed Privileged Access Management (PAM)
Managing administrator accounts and other privileged credentials can be time-consuming for your IT. Privileged permissions typically accumulate because nobody remembers to remove them. Granting excessive permissions violates the principle of least privilege, and sharing admin credentials prevents you from having a proper audit trail. All this paves the way for cybercriminals, who can use compromised credentials for lateral movement within the organization, resulting in serious data leaks.
Our Managed Privileged Access Management (PAM) service helps you with all kinds of privileged accounts: Windows domain admins, Linux root accounts, SSH keys, database accounts, and even social media accounts. We help you identify your essential accounts, the use cases for privileged access management, and security policies. We will implement the PAM solution using best-of-breed tools and maintain and monitor it for you.
With our PAM solution, you will achieve peace of mind, knowing that access to important data and administrative operations is protected. Your CISO, the legal team, end-users, and the IT department will all benefit because you will have:
- Auditability and compliance. With a full audit trail, you can track what happened and who used the credentials.
- Data protection. Credentials can be given to only one user at a time and are changed after every login.
- Reduced IT costs and less manual work to handle permissions.
Managed Security Information and Event Management (SIEM)
Logs are the foundation that enables incident response, forensics, preserving a full audit trail, and ensuring compliance. To be able to translate individual log messages into technical situational awareness of your cybersecurity posture, you need to combine and correlate the log data with a Security Information and Event Management (SIEM) system.
Our managed SIEM solution combines data from multiple log sources and puts the data in context. By using machine-learning and User and Entity Behavior Analytics (UEBA), we enable you to detect actions before a data breach happens and track incident information. Our managed SIEM gives you the following capabilities:
- Log collection and correlation, preserving the audit trail.
- Alerts based on events and event-chains, with correlation to threat intelligence feeds.
- Visualized information in dashboards and reports.
With our managed SIEM service, you will gain visibility into what happens in your networks and hosts. Our service includes hosting, licenses, maintenance, and an integration interface for all your logging needs. Contact us for more information.
Microsoft SSPA
Nixu is a Microsoft-accredited security and data protection auditor. Microsoft Supplier Security and Privacy Assurance (SSPA) is a company program that sets the security and data protection requirements for all new suppliers, partners and subcontractors that process Microsoft personal or confidential information. On behalf of Microsoft, Nixu conducts compliance assessments for new suppliers and subcontractors against the SSPA criteria.
N
Nixu Academy
Nixu offers cybersecurity and privacy education services to all organizations from management to technical specialists in order to ensure they have the needed skills and knowledge to protect critical data and systems and implement new digital services securely. We at Nixu want to foster motivation and individual ability to detect cyber risks and act securely. Our services include cyber simulation exercises, online self-study courses, workshops, trainings and cybersecurity campaigns.
Nixu Cyber Defense Center
At the core of our cyber defense service is the Nixu Cyber Defense Center, where our cybersecurity specialists and systems monitor, contain and remediate security threats on your behalf 24/7. We protect your core processes and people and provide you with the ability to detect early and react quickly. Nixu Cyber Defense Center offers return-on-investment tools for non-technical business owners who want to secure the continuity of their trade. It creates value by offering security that your customers trust. Unlike basic security tools such as antivirus software, we can monitor your whole information ecosystem. Our team hunts for threats, monitors data and alerts from customer environments, and flags anomalies. Our response team leads the investigation whenever there is a recognized threat.
O
O365 Security Review
Cloud misconfiguration is a typical cause of data breaches. Don't let cyberattacks hold back your business. Our Office 365 security review gives you a holistic view of your cloud security posture. We identify risky configurations and design patterns and provide you with actionable steps to secure your cloud. You can plan and prioritize your security improvements based on best practices and our experts' recommendations.
P
PCI DSS Onsite Assessment
PCI DSS Onsite Assessment is the assessment service for all parties that store, process or transmit cardholder data. We have experience in assessing different organization types such as large retail chains, small cafés, global service providers, payment gateways, airlines and banks. We don’t only assess, but help the customer in achieving and maintaining compliance as well.
The service is designed to be effective and cause minimal disruptions to the organization’s day-to-day operations. The assessment is divided into phases: Scoping, Documentation Review, Technical Tests and Site Visits, Interview and Observation sessions, Reporting and Closeout meeting. Each phase is carefully designed to guarantee a successful assessment with minimal disruptions.
PCI Preparation
PCI Preparation service is the initial step to PCI compliance. We train customer’s key personnel to understand PCI and its requirements. We focus on minimizing the customer’s PCI environment so that compliance can be achieved more cost effectively. The most important outcome of the service is a roadmap that contains clear tasks to be performed in order to become compliant. For each task, a cost estimate is provided and responsibilities defined. The roadmap can be further refined to become a project plan.
The next step after the PCI Preparation phase is usually the remediation phase. We support this phase and help ensure that compliance can be maintained after the assessment as well.
Phishing simulation
Phishing attacks aim at convincing e-mail recipients to click a link, download an attachment or surrender passwords or other sensitive information to the attacker. Nixu creates a targeted campaign for your organization, in the form of a gamified end-user experience. The employees capable of deterring attacks get recognition, combined with brief information on the attack they managed to prevent. The positive reinforcement loop helps with motivation and increases the willingness to continue the training.
Privacy Support
Our privacy support service offers privacy specialists to run your privacy program development. It will be tailored according to your organization's needs. Privacy support covers scheduled tasks, ad-hoc questions and crisis management. Continuous privacy support offers expertise at hand for everyday privacy issues, robust support in a crisis situation and an expertly managed annual privacy program. A nominated privacy specialist will head the service, backed up by a multi-skilled team of cybersecurity, technology, IAM and legal experts. The service typically includes specialist ad-hoc advice for your DPOs, a team ready to assist in data breach cases and development of your privacy management capabilities.
Product Life Cycle Partnership
Our Product Life Cycle Partnership service is your comprehensive solution for all cyber security needs throughout your product's life cycle. This value-based, security-driven partnership encompasses a wide range of services, from essential compliance to advanced security capabilities. Whether you're starting from scratch or enhancing existing processes, we can build, operate, and transfer the necessary teams and capabilities to your organization. Product Life Cycle Partnership will be tailored to fit your needs and environment. It consists of modular services, which are introduced below.
Product Security Tooling
Automation is key to staying ahead in cyber security. Our Product Security Tooling service offers both automated tooling and professional services designed to enhance product security. From Code Security Reviews such as SAST, DAST, and SCA to meticulous manual assessments, we cover all aspects of securing your product's software and hardware. We can also provide tools to fulfil the EU requirements for the software bill of materials (SBOM) and offer a solution where you can centralize monitoring and management of all your software’s vulnerabilities.
R
Red Teaming
Organizations invest in defensive security measures to protect their business. But are those effective? And how well can an organization protect its most valuable assets?
Nixu's red team tests how well the combination of people, tools, and processes work together in practice when facing a targeted attack. Think of it as a fire drill for your organization's security team to measure detection capabilities and response times.
Nixu's red team utilizes the MITRE ATT&CK and TIBER-EU frameworks when conducting red teaming exercises. The frameworks characterize and describe adversary behavior, tools, techniques, and tactics used during targeted attacks. They also provide transparency during the red team exercise, revealing the utilized attack techniques and identifying gaps in the organization's security defenses.
As an outcome of a red teaming exercise, your organization gets:
- Invaluable insight into your detection and response capabilities when facing a targeted attack.
- An overview of the weak points in your security controls and processes.
- Detailed recommendations on how to improve your security.
- A full insight into the performed attacks to maximize your learning opportunity.
Nixu tailors the red teaming exercise to your organization's specific needs and the threats you are facing. Please contact us to further discuss how we can help improve your security.
S
Secure Software Development
We improve software development methods by introducing new security-enhancing elements in existing development methods, such as Scrum. These elements can be tailored to customer needs. Some of the elements we have introduced in the past include threat workshops, exploratory reviews and developer coaching in secure practices. We provide internal support and guidance for the development team, sparring with the team to ensure a secure software delivery.
Provided as a continuous service, secure software development not only steers the developers in a single project’s information security issues, but also helps improve their architectural solutions and software development processes. Individual projects can be supported by assessing the maturity of the developer team’s security solutions and practices. These assessments provide observations that are relevant also to the organisation's other development projects.
Secure software development
Building security into software begins with design and coding. We help you improve software development methods by introducing new security-enhancing elements in existing development methods, such as Scrum. These elements can be tailored to your needs. Some of the security practices we have introduced in the past include:
- threat modeling workshops
- exploratory code security reviews
- developer coaching in secure coding and design practices.
A dedicated software developer can also work on your project. We provide internal support and guidance for the whole development team, sparring with the team to ensure a secure delivery. Secure software development is provided as a continuous service. It steers the developers through a single project's information security issues and improves their architectural solutions and software development processes. Individual projects can be supported by assessing the maturity of the developer team's security solutions and practices. These assessments provide observations that are also relevant to your organisation's other development projects.
Secure Sourcing
OT system security is built upon supply chain security and the security of the individual components. Small vendors providing a highly critical piece to the OT puzzle may have designed the system with performance, rather than cybersecurity, in mind. Third parties often need access to the core of your OT system, and a flaw in their security may endanger your production. That's why it's essential to ensure that your vendors and partners follow the requirements set by the IEC62443 standard and other good cybersecurity practices.
We help you assess the cybersecurity posture of your vendors and collaborators. Our security professionals with experience in OT and ICS will analyze your system to identify critical assets exposed to collaborators and check that they are following contractual security requirements and processes. Based on the risk level, our experts can provide additional recommendations drawn from industry standards and best practices. We'll follow up with recurring audits and self-assessments to make sure your industrial environment stays secure.
Setting the correct cybersecurity requirements from the beginning is the most effective and economical way to introduce cybersecurity controls into the system and the supply chain. Contact us for more information.
Security Assessments
To support your various application and product development models, we offer security verification ranging from traditional web application assessments to automated vulnerability scanning services and bug bounty programs. Our Security Engineering experts can also help you assess the required level of security and support your developers in improving application and product security. This enables you to ensure that security improvement costs are directed where they are most needed. We also conduct audits in accordance with a multitude of information security standards, recommendations and requirements.
Security verification
You can't beat a skilled security tester when it comes to discovering vulnerabilities in an application's business logic or chaining multiple weaknesses together. Sometimes you also need proof from an independent third party about the security posture of your product. Our experienced security testers will test your web application, mobile application, embedded software in IoT devices, or hardware. We assess the application security against specified criteria, such as OWASP top 10, Application Security Verification Standard (ASVS), Mobile Application Security Verification Standard (MASVS), or other industry best practices and hardening guidelines. The assessment can also include a source code security review.
Our security assessment approach combines state-of-the-art testing tools, examining source code, and the security testing know-how of our professionals. You will get:
- Expert analysis of the discovered and verified vulnerabilities, together with a criticality estimate. All our security reports are delivered and explained to you by real people – not robots.
- Mitigation instructions.
- Improvement recommendations to prevent similar vulnerabilities in the future.
We scale the testing based on the size of your system and the risk level: it suits any application, from a simple website to a critical banking system.
Our security assessment approach also keeps up with your agile development. We can test in multiple stages and continue supporting you to develop and verify mitigations with repeated tests. Contact us so we can help you scope the right kind of security assessment for your needs.
T
The Finnish government’s information security levels
The national requirements for information security levels constitute a tool which helps different parties meet the requirements of national information security acts. These requirements apply to the Finnish state administration and its service providers.
Nixu has piloted and provided definitions for the Finnish government's information security levels and ICT contingency planning requirements. We have performed information security level audits for the state administration and formulated operational plans for achieving desired security. With regard to the private sector, we have incorporated the information security level requirements into our customers' compliance management systems.
Threat Hunting
Do you know how effective your current cybersecurity defenses are? Are you concerned about your capabilities to detect an attacker who is using stolen credentials? Or maybe you are suspecting a malicious insider that is evading your detection tools? Or you could be looking to verify the signs of a data breach by an advanced persistent threat group, indicated by threat intelligence.
Our threat hunting service enables you to detect and react to cybersecurity threats that could evade existing security solutions. Our skilled threat hunters will search and analyze existing data from your Security Information and Event Management (SIEM), endpoint detection, and network detection solutions based on the MITRE ATT&CK framework and Nixu's threat hunting methodology. With years of hands-on digital forensics and incident response expertise, our threat hunters will detect malicious code and the presence of threat actors, notice rarely used attack techniques, and spot anomalies that tools will miss.
With our threat hunting service, you will:
- Know how well your current prevention and detection capabilities are performing.
- Know if advanced threat actors have been able to bypass your defenses and what has happened.
- Get recommendations to improve your cybersecurity defenses and security posture.
Threat Intelligence
There are vast amounts of information related to cybersecurity out there. New threats, new attack types, new cybercrime groups – and sometimes misinterpreted results and false news. It can be hard to keep up with which cyber threats are relevant to your business, so you can be sure that you are optimally spending on cybersecurity.
Our threat intelligence service provides you with in-depth intelligence related to your company, such as your line of business, brand, and critical assets. Our threat landscape report, customized for your organization's threat landscape, will give you insight on strategic, tactical, and operative levels. You will get up-to-date information about the latest attack trends and activities in the North European market and the latest technical vulnerabilities and exploits relevant to your IT environment and assets.
With our threat intelligence service, you will:
- Keep track of new vulnerabilities, attacks, and attack techniques.
- Get a tailor-made threat landscape report that helps you recognize relevant threats to your organization and business.
- Be able to take proper mitigative actions and optimize your spending.
- Improve your organization's cyber resilience.
Get on top of cyber threats and ahead of cybercrime. Contact us for more information.
Threat modeling
Threat modeling is one of the earliest things you can do to improve the security of software. Before a single line of code is written, our skilled professionals can help you discover serious security and privacy problems using threat modeling techniques. This will help you avoid costly alterations to the features or architecture in later phases of software development, and help you avoid making insecure integrations with third-party services.
Our threat modeling approach combines several threat modeling techniques, such as discovering architecture threats with STRIDE, privacy threats with LINDDUN, and feature-related weaknesses with evil user stories. We always consider both the technology as well as the processes, such as maintenance and account management, behind the system. Depending on the size of the application or system, we will arrange one or several threat modeling workshops, where our threat modeling experts facilitate the initial discovery of threats together with software developers, testers, product owners, and other required stakeholders.
Threat modeling will help you find weaknesses early and discover threats from processes that cannot be assessed with security assessments or penetration tests. Threat modeling also helps you scope the most critical things to test with security assessments or penetration tests. With our threat modeling service, you will get:
- A threat analysis report with discovered threats, possible consequences, and recommended mitigations.
- Risk estimates for the discovered threats. The risk estimation is done together with your organization's relevant business stakeholders.
- Insight into the security status of the system in a relatively short time.
Threat modeling can be applied to both the software and services you are developing or which you are planning to purchase. We can also analyze threats from processes, such as a software development pipeline, or from larger systems or business functions. Contact us for more information.
V
Vulnerability Management
When applications are developed fast, speed is sometimes the enemy of quality and security. What about the server software you just purchased? Is it free from security vulnerabilities that can cause you expensive downtime? And does your IT service provider install security fixes swiftly after they have been released?
We measure your environments' threat exposure from an information security point of view. We translate technical vulnerability data to executive decisions on information security.
Our vulnerability scans are continuous and automated. You will get:
- Expert analysis of current vulnerabilities and mitigation recommendations.
- Information on how resilient your information systems and networks are against common threats.
- Information on the effectiveness of the vulnerability management process as a whole: How quickly are your vulnerabilities getting fixed?
By applying continuous scans to applications and computing platforms accessible via the internet (or the internal network), your organization can rest assured that the most obvious software vulnerabilities are discovered and reported. Continuous scanning significantly reduces the probability of production failures and other disturbances. Timely reporting ensures that responsible parties can execute prioritized remedial actions on your most critical computing assets.
Our service covers the scanning technology and its maintenance, including required licenses, regular vulnerability scans of the selected applications’ IT infrastructure platforms, reports on the results, and 24/7 support and a support center contact point. Contact us for more information.
W
Workforce IAM (IGA)
Internal and external workforce usually needs access to numerous IT systems. Granting access quickly to newcomers and removing or changing access rights in all these systems when people leave or change job roles puts pressure on the organization. Identity Governance and Administration (IGA) solutions tackle this complex topic of managing the entire workforce's identities and access rights.
We provide workforce IAM-related advisory and complete IGA solutions to help organizations improve information security, meet compliance requirements, and improve operational efficiency. We partner with the leading IGA cloud service providers and technology vendors and recommend an IGA solution that fits your individual needs and configure the solution to match your specific requirements.
With our IGA solution, you will be able to:
- Control access granularly and efficiently.
- Make sure new joiners and movers will get access on time, and that access is revoked when the workforce leaves the company.
- Enforce risk-based controls and segregation of duties (SoD) when granting new access rights.
- Run regular access re-certification campaigns to ensure access rights are up-to-date.
- Ensure your organization meets compliance requirements related to workforce identity and access management.
Contact us for more information.
Social Engineering
Sometimes adversaries choose to attack human weaknesses instead of the technical equipment to launch a cyberattack against an organization. This type of attack is known as social engineering. Our approach to educating your personnel to defend against social engineering is to combine classroom training, computer-based courses, and a gamified exercise. Some or all of these components make up the training that increases resilience against social engineering.