You are currently viewing Prime Infoserv – A CERT-In Empanelled Security Auditor

Prime Infoserv – A CERT-In Empanelled Security Auditor

Prime Infoserv LLP is a 10 year’s old organization working in Cyber Advisory domain not only in India, but also in United Stated, UK, Brazil and Bangladesh. Prime Infoserv has been recently empanelled in CERT-In, a national nodal agency. It is an acknowledgement of Prime Infoserv LLP’s technical expertise in conducting Information Security Audits. As a CERT-In empanelled auditor Prime Infoserv LLP is qualified to conduct security audits of websites, networks & applications. On successfully completing the audit as per CERT-In Guidelines, our team can issue the CERT-In Certification as required by compliance requirements.

About CERT-In

The Indian Computer Emergency Response Team (CERT-In) is a national initiative to tackle emerging challenges in the area of information security and country-level security risks and vulnerabilities incidents as and when they happen.

  • Collection, analysis and dissemination of information of Cyber Incidents
  • Forecast and alerts of Cyber Security incidents
  • Emergency measures for handling cyber-security incidents
  • Coordination of cyber response activities
  • Issue guidelines, advisories, vulnerability notes and whitepapers relating to information security practices, procedures, prevention, response and reporting of cyber incidents.
  • Such other functions relating to Cyber Security as may be prescribed.

In its effort to create a qualified panel of Security Auditing organization, Cert-In has adopted a stringent process to evaluate the participants. This is to verify the participating organization’s technical knowledge and skill to perform an Information security audit.
The certification process involves an online practical test and conducting real-world Vulnerability Assessment and Penetration Testing on a web-server hosted by CERT-In. To be successful you need to identify at least 90% of the vulnerabilities present on the web-server.
As a CERT-In Empanelled Security Auditor, we carry out a comprehensive security audit of your website, network & applications as per the CERT-In Guidelines for IT Security Audits. Once the audit is completed successfully and all the requirements have been fulfilled, we issue a certification in-line with CERT-In

Overview of the process for CERT-In Certification:
• Step 1 – A comprehensive level 1 audit of your website, network or applications is carried out and a detailed report is provided.
• Step 2 – Once patched, the level 2 re-testing audit is carried out and all the patches and fixes are verified.
• Step 3 – The CERT-In Security Certificate is issued along with relevant supporting documentation and compliance reports for your customers & partners.

Who needs the CERT-In Certification?

  • Companies hosting any application or portal at National Informatics Center (NIC)
  • Companies selling software, hardware or services to the Government of India
  • Companies or software that falls under the mandates of RBI Cyber Security Framework for Banks
  • Companies or software that falls under the mandates of RBI Guidelines for Payment Aggregators and Payment Gateways
  • Companies or software that falls under the mandates of RBI – Cyber Security Framework for Urban Cooperative Banks
  • Companies or software that falls under the mandates of RBI Guidelines for Cyber Security in the NBFC Sector
  • Companies or software that falls under the mandate of SEBI Cyber Security and Cyber Resilience Framework
  • Companies or software that falls under the mandate of UIDAI – AUA KUA Compliance
  • Anyone that is selling, licensing or deploying software or services for any organisation under the IRDA mandate for ISNP Security Audit

Services We can offer?

  • Vulnerability Assessment: Our Vulnerability Assessment Service rapidly tests the security of your IT infrastructure from common threats and attack vectors.
  • Penetration Testing Service: Our Penetration Testing Service simulates techniques used by hackers to help you understand potential threats while providing you with detailed recommendations.
  • Web-Application Security Testing: Our Web-Application Security Testing Service identifies technical and business logic vulnerabilities in your websites while providing you with detailed instructions and concrete recommendations.
  • Mobile Application Security Testing: Our Mobile Application Security Testing service leverages application mapping, reverse engineering and proprietary tools to identify business logic and technical vulnerabilities in your mobile applications.
  • Source Code Security Review: Our Source Code Security Review Service maps your application source code and identifies technical and business logic vulnerabilities.
  • On-Demand Security Audit: Our On-Demand Security Audit Service is catered towards organizations with a large number of applications that are under continuous development. It provides you with the flexibility of conducting audits at short-notice with a fixed price without the delays caused by legal and procurement processes.
  • Annual Website Security Management: Our Annual Website Security Management Service is catered towards organizations that are looking for end-to-end website security. It allows you to focus on your business while we take end-to-end responsibility of your website’s security.
  • Managed Security Services from our Global SOC: Proactive Incident and Event Management and Orchestration using best in class tools and 24×7 resources from our global SOC.