Corillian has several solutions that help financial institutions reduce the risk of system compromise and increase the confidence of their online users. These offerings are focused on assisting the client in deploying and maintaining a secure online platform.
The Internet is a dynamic and continuously evolving environment. On a daily basis, new vulnerabilities are discovered, new ways to exploit vulnerabilities are defined, and new countermeasures are designed to minimize the exposure of web-based systems to these exploits. What might have been best practices in terms of web application design, development, and implementation six months ago may no longer be adequate.
Want to find out more?
|Corillian Security Solutions|
|Intelligent Authentication™||Multi-factor authentication solution to prevent unauthorized online access. Complies with FFIEC guidelines for strong authentication.|
|Fraud Detection System||Early Warning system for Internet-based attacks against web sites|
|Web site Investigation & Forensics||Tools and techniques for separating normal from abusive or fraudulent web site activity|
|Secure Coding Workshop||Workshop covering state-of-the-art secure coding techniques for web sites|
|Delivery System Security Review||Delivery system review to help ensure resistance to security threats|
|Code-level Security Review||Code-level review by Sr. Security Engineers for potential security issues (Voyager-Specific)|
Intelligent Authentication uses a patent-pending, multi-layered approach to authenticate online banking users. Improving on the traditional authentication mechanism of a user name and password, Intelligent Authentication examines and tracks multiple patterns of online banking behavior and various non-personal attributes of the online banking user to determine when it is necessary to block or challenge suspicious visitors. This multi-layered authentication technique is virtually transparent to the end user and results in a user-friendly, non-intrusive experience while also ensuring visitors to the Web site are legitimate. Intelligent Authentication is also a ‘zero footprint’ solution, requiring no distribution of hardware, software or spyware-like tracking objects to end user computers. Intelligent Authentication's low-disruption design provides the power of behavior-based strong authentication with the simplicity and ease of use associated with user names and passwords, combining the best of both worlds - usability and security.
Web server logs are capable of drowning system administrators in data while leaving them starved for information. The approach taken by some administrators is to turn the logging feature down or off, or to log all the information and store it for review at a later date. In either case, critical time-sensitive information is lost or ignored. Corillian recognizes the need to simplify and enhance web log reporting and analysis and has developed the Corillian Fraud Detection System specifically to address this need.
This workshop provides system administrators, security engineers, fraud investigators, and auditors with the information they need to be effective in separating normal user activities from abusive or fraudulent activities. The ability to quickly understand and interpret log information is a key element of incident response.
The workshop is an intensive, two-day session covering incident handling, log capture and preservation, log review and analysis fundamentals, interpretation and analysis of web server and application logs, log correlation, and more.
Multi-user systems on the Internet cannot be considered completely immune to attack, but systems that are well designed, carefully implemented, and diligently maintained are much less likely to suffer from a major security incident. This workshop provides developers with the information they need to minimize or completely eliminate many of the vulnerabilities associated with Web-based applications.
The workshop is an intensive, two-day session covering security fundamentals, threats, vulnerabilities, and state-of-the-art, secure coding techniques.
Corillian offers a review of your web site delivery system (hardware, system software, network, network devices) from a security perspective. This involves a team of Senior Security Professionals reviewing the site implementation for potential security issues.
The results of this system-level security review are documented in a report. Each security issue is described in terms of vulnerability, threat, impact, and countermeasure. The security issues are also prioritized in terms of overall risk. This report provides a clear picture of the security posture of your web site, at the delivery system level, and can be used as a roadmap for improving that posture.
These types of reviews provide the information needed to understand the security posture of your Internet banking system relative to the current threats that may exist. It also provides a roadmap for improving that security posture.
The results of this code-level security review are documented in a report. Each security issue is described in terms of vulnerability, threat, impact, and countermeasure. The security issues are also prioritized in terms of overall risk. This report provides a clear picture of the security posture of your Internet banking site, at the application level, and can be used as a roadmap for improving that posture. The report is delivered securely via email, and a teleconference can be arranged to discuss the results.