Datasheets

Compliance

PA-DSS

Through the entire PA-DSS certification process, Tevora’s team of consultants work with you to ensure PA-DSS requirements are met and your payment application is secure.

PCI-DSS

Tevora’s consultants partner with you to develop a cost effective road map to PCI compliance, assessing and validating security controls early in the process so remediation efforts are directed and focused.

HITRUST Certification

As a certified CSF Assessor, Tevora’s proven, four-step process is designed to help you achieve HITRUST certification with efficiency and precision.

ISO 27001 Certification and ISO 27018 Compliance

In collaboration with you, Tevora determines your scope and risks, and designs a holistic information security program aligned with ISO standards.

Unified Assessment Program

Tevora works to simplify the assessment process, making it possible for you to meet multiple compliance requirements and avoid audit fatigue.

SOC 1

System and Organization Control (SOC) attestations provide information your customers can use to understand any risks and assess the suitability of your internal controls for their particular policy and compliance needs.

NYS DFS Cybersecurity Compliance

Tevora helps you comply with New York State’s DFS Cybersecurity Regulation, allowing you to develop a robust security program and controls that give you a competitive advantage.

SOC 2

Tevora partners with you to evaluate your obligations for SOC 2, ensure your SOC 2 attestation accurately reflects your efforts in meeting the criteria, and recommend improvements for your environments.

InfoSec Support and Staff Augmentation Services

In today’s evolving economy and threat landscape, assistance from information security specialists can both propel your company forward and help carry the workload along the way. Tevora is that information security specialist.

3-D Secure

3-D Secure (3DS) is a security standard developed by the major payment card brands—Visa, MasterCard, American Express, Discover, and JCB—that provides an extra layer of protection for online credit and debit card transactions.

FTC Assessments

Compliance with FTC decision and order requirements requires an independent examination and evaluation of a company’s in-place security program and controls.

Data Privacy

GDPR Services & Strategy

Tevora helps you understand how GDPR affects your organization and works with you to build a comprehensive data protection strategy.

Threat Management

Red Team Attack Simulation

“Red teaming” is a term borrowed from military war games and adapted to the business environment to test force-readiness for a variety of situations.

Application Penetration Testing (web, mobile, API)

Tevora’s threat team performs web, mobile and API penetration testing services to test the effectiveness of your security controls on all of these platforms.

Malware Analysis and Reverse Engineering

Should you suspect a compromise in your system, Tevora’s skilled engineers are able to stop the threat, clean your system and build your defenses to protect you from future attacks.

Internet Of Things (IoT) Penetration Testing

The Internet of Things (IoT) is a network of connected “things”
– computing devices that are embedded in everything from washing machines to automated manufacturing equipment.

Social Engineering

One of the most common methods used to gain unauthorized access to corporate networks, social engineering accounted for 43 percent of the documented breaches in 2016.

Security Solutions

Okta Security Solutions

Tevora’s team of engineers support you in implementing Okta’s identity and access management (IAM) platform, unlocking the platforms’ full potential in managing and protecting your network, system and device access.

Critical Security Controls Assessment

Tevora’s Critical Security Control Assessment provides a point-in-time dashboard of the effectiveness and maturity of your organization’s security controls within the context of the NIST Cybersecurity Framework and COBIT 5 maturity model.

Cloud Compliance

Moving your workload to the cloud can offer significant benefits such as extended functionality, improved flexibility, and reduced costs.

Virtual Security Operations Center VSOC

As new and maturing technologies such as IoT, artificial intelligence, mobile, and cloud redefine our perimeters, their endpoints also become potential points of entry for attackers.

Incident Response

Emergency Incident Response Services

In the event of an incident, our IR “SWAT” team responds rapidly to locate the active threat(s), determine the incident scope and damage, isolate and contain affected systems and eradicate the threat from your environment.

Program Creation

In the event of an incident, our IR “SWAT” team responds rapidly to locate the active threat(s), determine the incident scope and damage, isolate and contain affected systems and eradicate the threat from your environment.

Tabletop Exercises

Tevora guides your team through potential incidents such as phishing and ransomware to test your established IR procedures and responses and identify gaps in your IR plan and infrastructure.

Compromise Assessment

Tevora’s Compromise Assessment team uncovers hidden threats within your environment and removes them before they cause further damage.

Readiness Assessment

Tevora’s Readiness Assessment team evaluates your ability to respond quickly to a compromise in your environment and identifies weak points in your systems, processes and team.

Insurance and Breach Response

Tevora’s Readiness Assessment team evaluates your ability to respond quickly to a compromise in your environment and identifies weak points in your systems, processes and team.

Enterprise Risk

ERM Program Development

Enterprise Risk Management (ERM) is a strategic tool that enables an enterprise-wide view of risks and their potential impact on the organization’s overall business objectives.

Vendor Risk Management

Tevora’s vendor management programs include key areas that organizations need to address to stay agile and risk-aware.

Business Continuity and Disaster Recovery Services

What we consider to be normal business operations can quickly be challenged in a digitally connected global economy. The increased uncertainty of weather, pandemics and rise in remote workforces bring new challenges to organizations.

Enterprise Risk Assessments

Enterprise risk assessments, while usually a compliance or regulatory requirement, are intended and designed to identify, prioritize and treat any risks that pose a threat to the organization’s strategy and objectives