Services

Our cyber security and information security services:

As DuneMount, we offer comprehensive solutions tailored to your needs to protect organizations’ information assets and network components.

Our solutions consist of a wide range of services compiled in accordance with international and national laws and best practices. Our goal is supporting the organizations with the most advanced security measures in line with the principles of confidentiality, integrity and availability, and to eliminate risks as much as possible or make them easier to manage.

Our Security Operation service focuses on preventive and detection-oriented solutions to ensure an effective defense against cyber threats. This comprehensive service covers key topics such as penetration testing, secure code analysis and vulnerability management.

Penetration Testing: It is a proactive security assessment that aims to analyze the digital defense mechanisms of organizations and reveal their vulnerabilitiesç It helps to make the organizational environment as secure as possible by identifying potential vulnerabilities with controlled attack simulations.As DuneMount, our penetration testing service model is offered as a one-time and/or recurring service.

Our studies are carried out with Black Box, White Box and Gray Box models based on the preferences of organizations by our experts using manual and licensed scanning products and both technical and logical vulnerabilities are detected.

Secure Code Analysis: As DuneMount, the security vulnerabilities of the software are detected by our experts using leading solutions. Necessary verification checks are made on the detected vulnerabilities and reported to our customers.

Vulnerability Management: It is a service for monitoring, evaluating and managing security vulnerabilities in the organization’s assets.One-time or periodic internal and external scans can be performed by our experts and related vulnerabilities can be tracked on behalf of the organization, solutions can be offered and action can be followed and/or reported..

All our analysis and test results are created by using the best international reporting models.

Our Security Governance services provide a robust, comprehensive and customized framework for managing and improving the security posture of the organizations.

DuneMount incorporates many different services specific to security governance. These are respectively;

Incident Response Process Design: During an incident, a well-defined incident response plan is crucial. Our incident response process design service is a critical service to build end-to-end incident handling process including stakeholders, roles, responsibilities, and all other related components.Our main sub-services in this area;

• Establishing end-to-end process design by creating Incident Response Plan, Policy, and Procedure
• Creation of incident-based Playbooks
• Establishing a risk methodology specific to incident management and integrated with the organization’s Enterprise Risk Management structure or Information Security Risk structure
• Designing incident response teams based on roles and responsibilities and creating RACI matrices

Data Protection and Data Governance: Our services are designed to address technical requirements, process design and legal compliance in data protection and governance. We offer specific solutions and consulting services to our clients by analysing their existing data and data protection measures.Our main sub-services in this field;

• Personal Data Protection Law (“KVKK”) Consultancy and Audit
• Requirements and regulatory analysis for new data processing needs
• Data Classification within the organization
• Technology Readiness Assessment

Information Security Maturity Assessment: Our Information Security Maturity Assessment model has been carefully created based on both national and international standards, frameworks, and regulations.Our service includes assessing the current information security maturity of organizations, determining the target related to the mission and vision of the organization, and creating a customized roadmap for the organization based on the differences between the current step and the target step.

Data Loss Prevention (“DLP”): Data Loss Prevention (DLP) is one of the most difficult issues to manage in the security world. As DuneMount, we support organizations in terms of both technical, process and legislation.Our main sub-services in this field;

• Creating and/or updating Data Inventory
• DLP rule and policy monitoring and revision
• Evaluation of processes in terms of applicability and legislation specific to DLP
• Developing the data classification strategy
• Creating the necessary documents related to the end-to-end DLP management process

Cyber and Information Security Governance Model: Hundreds of documents created under the name of security slow down the security processes of many organizations and cause them to get lost in an inextricable documentary world.As DuneMount, we offer organizations a manageable and effective cyber security and information security model by redesigning traditional document management processes.Our goal is designing the cyber security and information security processes of organizations from scratch or update the existing model using a more effective governance model.