Didiet has 5 years of experience in cybersecurity and is familiar with multiple IT security best practices such as PCI-DSS, ISO 27001, CIS controls, and NIST Cybersecurity Framework.
Services Offered:
- IT Security Architecture
- IT Audit General Control
- Governance, Risk and Compliance (GRC)
- Vulnerability Assessment and Penetration Testing
- Information Security Incident Response
Certifications:
- 2019, SISA Infosec, Certified Payment Card Industry Security Implementer (CPISI)
- 2019, EC-Council, Certified Secure Computer User (CSCU)
- 2017, Cisco Certified Network Associate CyberOps (CCNA CyberOps)
- 2017, Cisco, Introduction to Cybersecurity
- 2016, EC-Council, Certified Network Defender (CND)
- 2016, Rapid7 Tech Workshop (Nexpose, AppSpider)
- 2015, TrendMicro, DeepSecurity
- 2015, Digital Forensics
- 2014, Pentest and Forensics
- 2013, EC-Council, Certified Ethical Hacker (CEH)
- 2008, Bina Nusantara, Wireless Security
Business Challenge: When IT plays a significant or dominant role in a company's business processes and financial transactions, the company must be able to understand and respond to the risks arising from its use of IT.
An entity must carry out IT audits in response to various drivers, namely government rules and regulations, operational effectiveness and governance, process improvement, and meeting certification standards.
Solution: Testing of general IT controls covers policies, procedures, and their application against the principles of confidentiality, integrity, availability, authentication, and non-repudiation.
Reference: UU ITE No 11 tahun 2008, 38/POJK.03/2016, 21/SEOJK.03/2017, 16/8/PBI/2014.
Technology Enablers: SecurityGen.
Technology Enablers: Anomali Threatstream.
Technology Enablers: Darktrace
Business Challenge: Keep bad actors, botnets, and malicious traffic from accessing or snooping on the web application without blocking legitimate traffic in the process.
Technology Enablers: WAF Cloudflare.
Technology Enablers: AlienVault, Security Onion.
Methodology: OWASP Web Security Testing Guide.
Technology Enablers: OWASP ZAP.
Business Challenge: New vulnerabilities are found in software every day by individuals and researchers. System components, processes, and software must be tested frequently to ensure security is maintained over time. Testing information system security controls is especially important whenever the environment changes, such as when new software is introduced or the system configuration is changed.
Solution: Test and assess information system security technically, analyze findings, and develop mitigation strategies.
Methodology: NIST Special Publication 800-115, Technical Guide to Information Security Testing and Assessment.
Business Challenge: Ensure robust wireless network security and mitigate the risks and vulnerabilities of wireless networks.
Technology Enablers: Mikrotik RouterOS, Mikrotik as Low-Interaction Honeypot.
Technology Enablers: Mikrotik RouterOS, Port Knocking.
--
You could reach me here.