|
|
|
||||||
|
|
AEG NewsletterFirst Quarter - 2019 | Issue #5 |
||||||
|
|
|
||||||
|
|
“AEG is developing applications serving gpi and blockchain fast payment systems”
|
Word from the CEO
2019 is expected to be equally productive and fruitful with our continuous aspiration to innovation and development. We will be further enhancing our security solutions and updating our compliance offering in accord with CSP 2019. Further, we will be developing additional services related to gpi and blockchain fast payment systems providing real-time payment monitoring and tracking. We aspire for a successful year full of achievements hand in hand with our clients and partners.
Dr. Mohamed Sadek – CEO and General Manager Partnership with RAPID7
This strategy we undertake implies that we ally with specialists and business partners to exchange knowledge and expertise in order to widen the capabilities for both sides. This partnership naturally reflects all its advantages on our customers, since they are to be served the latest technologies and the best technical support. Rapid7 is advancing security with visibility, analytics, and automation delivered through an Insight cloud. Their solutions simplify the complex, allowing security teams to work more effectively with IT and development to reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Over 7,200 customers rely on Rapid7 technology, services, and research to improve security outcomes and securely advance their organizations. Rapid7’s on-premise option for vulnerability management software, monitors exposures in real-time and adapts to new threats with fresh data, ensuring you can always act at the moment of impact. For more details, kindly contact our Sales team AEG Penetration Testing AEG is now providing a penetration testing service. It is a
technical consultancy service by which a simulated cyber-attack is performed
on an IT Infrastructure to evaluate the implemented security controls. The
test is executed to identify misconfiguration, weaknesses and strengths.
Vulnerabilities may include the potential for unauthorized parties AEG’s extensive knowledge and experience in SWIFT infrastructure allows a deeper understanding of what is best practice in this field and hence put the bank in a real test scenario. Knowing the gaps and vulnerabilities in a bank’s infrastructure has become an urgent need, especially after the recent massive heists that had occurred. AEG highly recommends this exercise for all its customers as part of their cyber security plan. AEG Risk Assessment This is a consultancy service targeted to test various attack
scenarios via table-top exercise using either ISO 27005 or NIST Risk
Assessment framework. The This exercise is intended to evaluate whether the existing controls are enough or whether additional controls should be added. The scenarios are classified according to likelihood of impact on the organization. These are prioritized and forwarded for decision to the corresponding stakeholders. A report is generated showing results and suggesting risk treatment which is then evaluated by the bank for budgeting and handling. AEG is urging its customers to assess their risks and take action toward their weaknesses and vulnerabilities in order to avoid any stay protected. |
|
|
|||
|
|
In This Issue |
|
|
||||
|
|
01. Partnership with RAPID7 |
|
|
||||
|
|
02. AEG Penetration Testing |
|
|
||||
|
03. AEG Risk Assessment |
|
||||||
|
|
04. CSCF 2019 |
|
|
||||
|
|
05. gpi-PRO: A Powerful Application |
|
|
||||
|
“AEG is trusting RAPID7’s Vulnerability Scanner”
“AEG is offering Penetration Testing and Risk Assessment for stronger Security” |
|
||||||
|
|
CSCF 2019: 19 mandatory controls and 10 advisory controls
Testimonial A testimonial from Warka Bank – Iraq “We are glad to inform you that Warka Bank for Investment and Finance had passed CSP Compliance audit performed by Central Bank of Iraq and Ernst & Young, your cooperation and support was the major factor leading to passing the audit.Warka Bank appreciates your efforts and looking forward to conduct business with your respected firm.” |
CSCF 2019
For more details, kindly contact our Sales team gpi-PRO: A Powerful Application
Banks have been long striving to offer fast delivery of the payments with possibility for tracking the process, especially in the case of cross-border payments, as each bank has only been able to guarantee and share information of payments of its own. SWIFT has launched the gpi – the new standard in global payments – to overcome money transfer challenges and create a quick and smooth cross-border payment experience. In order to achieve a rapid and efficient adoption of gpi, AEG is offering “AEG gpi-PRO” – a new payment and tracking application which not only saves the bank all the trouble of going through development and testing, but also facilitates and automates the gpi payment process and tracking facility, along with many additional features, all the while being secure and free of human errors. AEG gpi-PRO is a gpi payment and tracking application developed by AEG. It is dedicated to create gpi payments and allows the bank and its clients to track their payments in real time. The main role of it is to enable SWIFT gpi by converting corporate payment requests into gpi payments and by encapsulating gpi business logic and SLA requirements in payment transactions. And hence, AEG gpi-PRO is based on the available tools and capabilities of SWIFT gpi. It aims to enhance and facilitate gpi use by the banks. It integrates gpi with the functionalities and services of the back-office system and helps the banks offer tracking capability to their clients. For more details, kindly contact our Sales team |
|
||||
|
|||||||
Migration to SWIFT release 7.2 and SWIFT CSP compliance
activities were on top of the highlights of the year 2018. AEG has put some
serious effort meeting the needs of its clients especially those related to
security and compliance. The key factor to this success, we believe, is the solid
unity and collaboration within our teams and our passion to do our job
perfectly to the fullest. It has been a busy year that was closed
magnificently with successful implementations and satisfied clients.
AEG has always taken the initiative to provide its
customers with the best solutions to best answer their concerns and address
the challenges they are being met with. This proactive approach is not new to
us and has always been the main drive and guide by which we do business.
to gain access to accounts, sensitive data, or the gaining
privileges and so on. The outcome of this exercise is a report that
highlights the weaknesses captured in the penetration test, its criticality
and its exploitability level. 
outcome of this
exercise is to check possible ways that an adversary can gain un authorized
access to compromise integrity, confidentiality or availability. 
After the successful CSP projects in 2018 under
Consultancy, Guidance and Support, and after the release of the CSCF 2019,
AEG is following up with its customers in order to maintain their compliance.
It has been shared before with our customers that there are now 19 mandatory
controls and 10 advisory controls; this implies that we will be further
guiding our customers in order to assess the remaining gaps and perform
regular checks on banks’ infrastructures to assure their compliance and their
security. 
AEG is launching
gpi-PRO application soon