Janet security esiss
This presentation is the property of its rightful owner.
Sponsored Links
1 / 18

Janet, Security & ESISS PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

Janet, Security & ESISS. September 2013. Janet, Security & ESISS. Janet and Security An introduction to ESISS New services What won ’ t be changing Q&A. Janet and Security. Operates CSIRT

Download Presentation

Janet, Security & ESISS

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Janet security esiss

Janet, Security & ESISS

  • September 2013

Janet security esiss

Janet, Security & ESISS

  • Janet and Security

  • An introduction to ESISS

  • New services

  • What won’t be changing

  • Q&A

Janet security esiss

Janet and Security

  • Operates CSIRT

  • Works with UK Gov’t Cabinet Office and Cyber security Information Sharing Partnership (CISP), collaborating as required.

  • Presence on UK e-Infrastructure Leadership Council and Security stream

  • Range of products including server certificates

  • Increasingly investing in security projects (recent funding on threat information service)

  • Reviewing ISO27001

  • And… Janet ESISS

Janet security esiss


  • From August 1st, Janet will be taking on the operations of ESISS..

  • Now some history...

Janet security esiss

A Shared Issue

  • The same challenges

  • Different resources

  • Desire to collaborate

Janet security esiss

One Shared Service

Janet security esiss

Incorporating into Janet

  • Share Service Manager

  • Share skills between teams

  • Roadmap not shared

  • Targets not shared

  • New Business Processes!


Strategic Technologies


Product Management

Based in Loughborough University



Based in Janet Offices, Harwell

Service Manager: Wally Jackson

Janet security esiss

The Initial Services

  • Automated Penetration Testing

  • Manual Penetration Testing

  • Consultancy

  • 6 month review for other services

Janet security esiss

Automated Penetration Testing

  • On demand testing for potential vulnerabilities on external systems and websites

  • Testing is specifically designed to check for the most common vulnerabilities

  • Continuously updated vulnerability database

  • Easy to use web interface for management of scanning and reporting

  • Provides remediation advice on securing vulnerabilities

Janet security esiss


Janet security esiss

Manual Penetration Testing

  • Manual testing by experienced and certified testers, carried out to industry standards

  • Team members have wide experience of common educational applications

  • A complete service from scoping, project management, through to testing and reporting

  • Report provides executive overview, graphical summary and detailed analysis

Janet security esiss


  • Janet has had the skills internally, however has lacked the route

  • Supporting the outcomes from penetration testing

  • ... also providing support for security issues arising from the work of CSIRT

  • ... and other security work, best practises, security management incident response training

Janet security esiss

Key Points

  • Service as normal for existing ESISS customers, including price

  • Same certified testing team

  • For the sector, by the sector

  • Several new contracts since taking ESISS into Janet

Janet security esiss


  • How does penetration testing help your organisation?

  • Part of an audit: security, IT, financial

  • Compliance: PCI-DSS, data protection

  • To improve your security

Janet security esiss


  • Penetration testing won’t make a system 100% secure (nothing will)

  • Reduces the likelihood that the system can be compromised, and so reduces the risk

  • Demonstrates a certain standard of care towards your information

Janet security esiss


  • Perhaps around your most sensitive assets and applications

  • When new applications are first deployed

  • As part of the QA and release processes for software development.

  • When needed - on demand

  • Scheduled - check for unexpected changes, new vulnerabilities

  • A mix of the above depending on the risks

Any questions

Any Questions

Janet security esiss


Janet, Lumen House Library Avenue, Harwell OxfordDidcot, Oxfordshire

t: +44 (0) 1235 822200

f: +44 (0) 1235 822399

e: [email protected]

  • Login