Hexaware’s Enterprise Security Solutions protect an enterprise’s information assets through holistic management of security components and mitigate adverse impact on confidentiality, Integrity and availability. Hexaware’s security experts follow best practices and standard procedures to ensure consistency in the delivery of service excellence. Our dedicated security specialists provide a level of vigilance that enhances the enterprise’s security posture and maximizes protection.

Governance & Risk Management

• Security Governance
  • Security Policy & Process
  • Information Security Strategy Development
  • Information Security Roadmap
• Risk Management
  • Risk Management Policy & Procedure
  • Risk Evaluation Criteria
  • Risk Assessment / Evaluation
  • Risk Treatment
• Business Continuity Management
  • Business Continuity Plan development
  • BCP Review
  • Disaster Recovery Strategy
  • BCP Testing
• Compliance
  • Regulatory Compliance
  • Standards Compliance

Consulting Services

• Security Compliance Consulting
  • Security Baselining
  • Security Standards
• Standards – ISO 27001 / PCI DSS / BS 25999
  • GAP Assessment
  • Implementation Consulting
• Information Security Product Implementation & Support
  • DLP
  • Identity & Access Management
  • Endpoint Security

Application Security Services

• Application Security Review
  • Application review as per OWASP top 10 Security Risks
  • Customized application review as per client requirements
  • Application Threat Modeling
  • Review of application controls (Input, processing & output controls)
  • Review of security requirements in application
  • Secure coding practices
  • Checking the vulnerabilities (Cross Site Scripting, SQL Injection)
• Application Security Penetration Testing
• Business Process Review
  • Mapping process with application development/implementation
  • Review of existing business process

Managed Security Services

• Log Management
  • Consolidate & Organize Log events
  • Log Archiving
• Security Monitoring & Alerting
  • Email Monitoring & Filtering
  • Web Monitoring & Filtering
  • Event Correlation & Analysis
• Vulnerability Management
  • Vulnerability Scanning
  • Patching
  • Configuration Enforcement & Change Management
• Security Infrastructure Management
  • Proactive Management & Maintenance of Security Devices