Timeline: 2022 (Q1: January, February, March; Q2; Q3; Q4), 2023 (Q1, Q2, Q3, Q4), 2024 (H1)

Row groups: Staff, Data, App/SDLC, External assessment, Fraud

- Background checks v2
- CISO (vCISO in interim)
- Incident partners (VARS)
- AppSec Security Specialist
- Automated training (KnowBe4)
- Policy review (internal)
- Credentials retention policy + cleanup
- Migrate secrets to Vault
- Azure Data Categorization (improved DLP)
- Mitigate Azure Security Center findings
- Google Workspace DLP + Security
- Credentials store (Minor CAN)
- Credentials store (TOP 5 CAN)
- Credentials store (*)
- Darkweb monitoring
- Standalone DLP
- Data governance (Azure Purview)
- Improved vulnerability management (Lacework)
- Cloud CIS benchmark fix (based on Lacework)
- Container image fix (based on Lacework)
- Enforce whitelisting for API access
- SIEM + 24/7 SOC
- Zero Trust access (VPN replacement)
- Grid session recording
- HPAM automated flow
- Authentication improvement (OAuth)
- Static code analysis improvement (Sonar)
- Dynamic code analysis (Wallarm FAST)
- Code signature
- Dependency analysis and freeze
- iFrame security (x-frame-options, CORS, etc.)
- Static code analysis improvement (Sonar replacement)
- Fraud protection for Flinks Connect/API (Shape SPM)
- Fraud protection OBE (Shape SPM)
- Open HackerOne private program
- Open HackerOne public program
- Pentest + mitigation (H1 2022)
- Pentest + mitigation (H2 2022)
- TruSight 3PCRM
- TruSight 3PCRM remediation

Bank Agreement

Timeline: 2022 (Q1: January, February, March; Q2; Q3; Q4), 2023 (Q1, Q2, Q3, Q4), 2024 (H1)

- Disallow use of personal devices
- Improve logging/auditing controls
- Employee background improvements
- Disallow use of encrypted messaging apps
- Improve auditing of scraping sessions
- Review controls and policies around write actions
- TruSight 3PCRM
- TruSight 3PCRM remediation
- alerting