• Security Audits
• Security Planning
• Information Security Management Systems
• Platforms & Services Security
• Security Operations Center
• Specialized Solutions

GMV’s Security Operations Center (SOC) provides its clients with a qualified center to securely manage their information systems, to anticipate problems and to immediately resolve risks. Services provided include:

Early Detection

The early detection system, or BayWatch II, is a customized service that sends information on early security warnings. The service consists of sending customized information regarding new security vulnerabilities, shortly after they appear, by issuing a report created by the Security expert team. This report is sent by e-mail to the person designated by the company. The security vulnerability reports, aside from containing a detailed description of the vulnerability and the platforms it affects, also include information on the impact the exploitation of this vulnerability would have on the systems or applications previously selected by the company receiving the report. The report also indicates specific actions to be taken to minimize the effect of the vulnerability, in the event the manufacturer has not yet offered a solution.

Platform, Control and Services Monitoring

Thanks to the Platform, Control and Services Monitoring service, the status of infrastructures and services can be checked using specific free distribution or commercial tools. This service makes it possible to know, at any given moment and from any location, the operational status of the technological platform being monitored, always taking into account the critical impact of each element. This service also helps determining those elements operating in an atypical manner or near capacity, detecting and identifying bottlenecks, and verifying the activity of an organization by area/department/responsible party.

GMV's SOC provides a differential value characterized by the provision of 24/7 intelligent monitoring services integrated with mobile messaging solutions, based mainly on the GMV Gestvul® and Termes® solutions.

Intelligent Log Centralization and Analysis

Termes® provides a solution for managing the complexity inherent to the detection and prevention of situations that may compromise the security of heterogeneous architectures. From a technical point of view, Termes® is defined as a monitoring solution based mainly (although not exclusively) on the matching of logs, which continually provides an index of security danger and sounds alarms in case of an incident that may place the index outside the stipulated threshold. Termes® has been designed as a sophisticated support tool for the team of security experts responsible for early incident response, and it is additionally complemented with a methodology developed specifically for its deployment.

Vulnerabilities Detection and Management

GestVul® is a service that enables the checking and managing the security level of information systems. The service periodically performs a series of automated tests for the purpose of identifying system weaknesses that may be exposed over the Internet, including the possibility of unauthorized access to administrative services, the existence of services that have not been updated, and the detection of vulnerabilities such as phishing, etc. GestVul® performs a periodic follow-up of control and updating tasks performed by professionals managing information systems security, and provides reports that can be used to implement a plan for continuous improvement of the system's security level. Additionally, GestVul® facilitates and reduces the work on behalf of financial institutions in terms of audits performed to different official institutions.

Continuous System Patching/Upgrade and Fortification

The continuous system patching/upgrade and fortification service manages the appearance of eventual new patches, updates and service packs for the equipment's operating system that may be necessary to maintain the system’s security level or to support new versions of the installed products. A similar procedure is followed for new patches and stable versions from any other third-party products. A committed effort must therefore be made to stay informed and to communicate gaps in security that can appear in the installed applications, as well as to plan the installation of corrective patches when available.

Fast Intervention

The fast intervention service provided by the SOC deals with system repair, with service conditions adapted to critical systems. To this effect, GMV has engineers with ample knowledge in the various technologies and with the ability to support applications as well as infrastructures on a 24/7 basis.

Forensic Analysis

The forensic analysis service includes the structured and detailed analysis of an incident with the purpose of identifying what happened, how it developed, who was responsible, its impact, etc.

Help Desk

Finally, Help Desk services provide assistance for questions or issues regarding the operation of running systems. This service includes assistance with the management and writing of failure reports, operating problems, routines as well as Operation and Maintenance documentation.