Top 10 Vulnerability Management Solution Companies - 2017

Fortidm Technologies: Augmenting the Security Posture of Organizations

Hariram Hari, Founder & President, Fortidm TechnologiesHariram Hari, Founder & President
Having spent a substantial part of his career in architecting, implementing, and managing supply chain ERP products for SMB and mid-market garment firms, IT veteran Hariram Hari, noticed a gap. He advocated security as the necessary component in the ERP software, but many customers either didn’t give importance to security or there was not enough awareness about this aspect. This triggered a thought in Hari that took the form of Fortidm Technologies to address the need of not only world class cyber security services but also impart awareness to customers while building business software and IT infrastructure. The firm focuses primarily on Security and Identity Management and so the name: Fortidm (Fort=Security, Identity Management=IDM). The company’s offerings include enterprise risk management, audit and advisory, offensive and defensive security solutions.

Even as organizations are under the impression of low risk exposures, intruders can exploit lower-risk vulnerabilities in a particular sequence as a step to identify higher-risk vulnerabilities. The rising cyber threats faced by organizations today accentuate the need of exploring the nuances of the often overlooked, vulnerability management. “When building applications, security is an afterthought generally,” stresses Hari. “We at Fortidm break that culture and show our customers that well thought out design inherently should include security requirements and controls. This is our philosophy.” Fortidm helps clients save several million dollars by instituting enterprise scale security programs, penetration testing, vulnerability analysis, and SOC 2 compliance readiness assessment. When building applications, the firm performs static and dynamic scanning as part of the quality gate by leveraging their standard, secured SDLC methodology that incorporates technologies such as IBM APPSCAN, HP FORTIFY, and WebInspect. “Our secured SDLC methodology is one of the unique ways of showing our customers that we build applications while we store, transmit, and process the data securely upfront during our development lifecycle,” explains Hari.

Furthermore, as enterprises are susceptible to new vulnerabilities, attack techniques, and strains of malware, Fortidm, in addition to the above mentioned offensive security practices, also aids in defensive security practices with its cost-effective Security-As-Managed-Services (SAMS) Managed Security Service Provider (MSSP) offering.

We appreciate the organizational security policies, compliance regulations, but at the same time look outside the confines to address the ever changing landscape of attack vectors and client’s business risks proactively

This service encompasses asset discovery, network behavioral monitoring, SIEM, threat feed based vulnerability monitoring and assessment, intrusion detection and prevention for responding and combating emerging threats. “We perform penetration testing for our clients as the operational black-team, working under the same rules as would-be hackers, attackers, and hacktivists. We appreciate the organizational security policies, compliance regulations, but at the same time look outside the confines to address the ever changing landscape of attack vectors and client‘s business risks proactively,” explains Hari. In doing so, Fortidm sets a much increased level of cyber-protection beyond the compliance directives, such as PCI-DSS, SOC 2, security polices, and other tamed security missions.

The firm etched out it’s prowess in security landscape to a large insurance firm in need of instituting an information security program. Fortidm worked closely with the client for delivering the roadmap and founding principles of the program by implementing the firm’s INFOSEC program, including penetration testing and vulnerability analysis. “We addressed every aspect of the People-Process-Technology triad and expanded the Fortidm team four times to deliver the service, on time and within budget,” extols Hari.

The strength of the firm lies in understanding and aligning the life cycle of cybersecurity framework such as identifying, protecting, detecting, responding, and recovering. Hari founded Fortidm as a professional services IT consulting firm—“We will, in the years to come, continue to deliver comprehensive multiplatform integration services that augment the security posture of our clients,” concludes Hari.