About Us
SOC.MD® is a CMMI-SVC Level-3 ISO 9001-2013, 27001-2015 certified Global Consultation and Implementation firm, We believe in precision and quality above everything else. The areas of our expertise include Information Security and Cyber Security.
We are PECB parners in Republic of Moldova for training, examinations and audit for ISO, PCI-DSS and Cyber Security.
Our success stories are translated in the form of positive testimonials from our growing list of clients. Headquartered in Chisinau, we have our delivery centers in Minsk in Belarus, Kiev, Odessa in Ukraine, Ramat-Gan & Tel-Aviv in Israel.
MEET OUR LOVELY TEAM
Our team comprises of a bunch of enthusiastic and vibrant engineers, computer application specialists, business management professionals, and experts in Information and Cyber security services, product development, and cloud-based solutions.
Dmitry Tsepilovan
CEO and Founder
Andrei Matcovschi
Business Developer
Mahmoud Nashef
CNO
Octavian Nicoara
Information Security Engineer
Irina Gutsalova
Client Relationship Manager
Ionuț Ilie
Data Analyst & Project Manager
Apps for Business
DDOS PROTECTION
APP INFRASTRUCTURE PROTECTION
WEB APP AND API PROTECTION
ACCESS MANAGEMENT
SSL VISIBILITY
BOT MANAGEMENT
Business Security
Security Assessment
-
Review existing security policies, procedures and infrastructure;
-
Provide documentation on industry best practices for security policies, procedures and infrastructure related to information security;
-
Assess security policies, procedures and infrastructure against industry best practices and document deficiencies;
-
Provide recommendations to mitigate deficiencies with security policies, procedures and infrastructure.
External Systems Test
-
Conduct vulnerability scanning and validation against Internet accessible IP addresses;
-
Examine externally accessible equipment for vulnerability both from inside and outside (Internet) the tested network;
-
Check network and server equipment versions and configurations;
-
Provide documentation on test results and identify deficiencies;
-
Provide recommendations to mitigate deficiencies and risks.
Internal System / Network Test
-
Conduct vulnerability scanning and validation against internal IP address ranges and configuration review of all internal systems;
-
Examine equipment and systems for vulnerabilities;
-
Check network and server equipment versions and configurations;
-
Test the network traffic for unencrypted or decrypt-able passwords and accounts;
-
Provide documentation on test results and identify deficiencies;
-
Provide recommendations to mitigate deficiencies and risks.
Computer Systems and Software Test
-
Conduct analysis of Internet traffic to determine if any internal hosts have been compromised;
-
Examine equipment and systems for vulnerabilities;
-
Check Operating System Configuration and software version (Windows and SUSE Linux);
-
Test systems for malware (virus, Trojan, spyware);
-
Check the privileges and user directory configuration (Active Directory and eDirectory);
-
Check security of passwords (Windows & Linux);
-
Provide documentation on test results and identify deficiencies;
-
Provide recommendations to mitigate deficiencies and risks.
Penetration Testing
-
Conduct activities designed to emulate an actual attack and attempt to access and obtain organizational data;
-
Collect information gathered during penetration test and provide documentation on test results and deficiencies;
-
Provide recommendations of ways that security could be improved where vulnerabilities were identified.
Risk Report
-
Executive summary of the following:
a. All Assessments conducted
b. All Tests conducted
c. Significant Risks and deficiencies found
d. Recommendations to mitigate deficiencies and risks