WHAT WE OFFER

XecureIT provides the comprehensive information security CARES (Consultancy, Assurance, Research & Development, Education, Solutions) services.

CONSULTANCY

From specific advices to comprehensive solutions based on professional ethics.

FIND OUT MORE

ASSURANCE

Perform information security audit, assessment, and penetration testing.

FIND OUT MORE

RESEARCH & DEVELOPMENT

Determined since year 2009 to perform the persistence R&D for our understanding products and services.

EDUCATION

Not only delivering education services for business purposes, XecureIT is also supporting community development for social reasons.

FIND OUT MORE

SOLUTIONS

We solve together with you, not by taking it over from you.

FIND OUT MORE

XGEF FRAMEWORK

XecureIT professionals use two primary references to deliver information security CARES services:

  1. XecureIT Governance and Evaluation Framework (XGEF) as a standard framework.
  2. Standar Arsitektur Keamanan Tingkat Tinggi Informasi (SAKTTI), is our standard architecture to build a digital fortress system which integrates the SAKTTI’s information security controls and principles to enforce the consistency of information security strategy.

XecureIT Governance and Evaluation Framework (XGEF) is a standard framework used by our professionals to deliver information security CARES (Consultancy, Assurance, Research & Development, Education, Solutions) services.

XGEF ensures that our professionals provide effective and efficient recommendations to reduce information IT and security related risks, increase the value of existing IT investment, and ensure compliance and conformance with regulations and standards.

XGEF has been developed as a comprehensive information security framework by XecureIT core team based on our 23 years international experiences and various information security regulations and standards, including well-known IT governance framework and security practices, such as:

  • Indonesia Cyber Law (UU Informasi dan Transaksi Elektronik)
  • Peraturan Pemerintah tentang Penyelenggaraan Sistem dan Transaksi Elektronik (PSTE)
  • ISO 27001 Information Security Management System (ISMS)
  • ISO 27035 Information Security Incident Management (ISIM)
  • ISO 22301 Business Continuity Management System (BCM)
  • Payment Card Industry Data Security Standard (PCI DSS)
  • ISA 62443 Security for Industrial Automation and Control Systems (IACS)
  • TIA-942 Data Center Standards
  • Information Systems Security Assessment Framework (ISSAF)
  • Open Security Architecture (OSA)
  • Open Source Security Testing Methodology Manual (OSSTMM)
  • Open Web Application Security Project (OWASP)
  • National Institute of Standards and Technology (NIST) SP 800 Series
  • Various security checklists related to specific technology or solution.

FIND OUT MORE