Information Security

M.A.T is The First Syrian company obtain the License of Accreditation of Providing Information Security Services in Syrian Arab Republic from National Authority for Information Technology Services.

Our Information Security Services

  • Every organization, company or institution that owns information assets and the services it provides are linked to information and communication technology, must set its own Information Security Policy, follow up and develop it on a permanent basis to keep pace with international legislation and standards.

    M.A.T agrees with its clients on the global standard for developing an Information Security Policy, then formulates this policy that is compatible with the business and services it provides and sets the approved methods for its implementation and follow-up in line with the security requirements of its services.

  • Auditing at the level of security of information systems in organizations and companies has today become one of the basic criteria for launching E-services, and for obtaining the licenses for that.The audit includes a review of the information and communications technology infrastructure and associated processes, information security policies and users, and procedures. It includes examining and evaluating the settings of controls, configuration, and communication interfaces from websites or mobile applications, thus determining whether they are used within a safe range for investment, operation, and safety.



  • This service provides the best procedures and steps in dealing with security emergencies, intrusions and cyber threats. It includes a large number of emergency situations or security incidents that can affect the customer's information system and these incidents may be the result of a computer crime or an accident.

    M.A.T team has technical expertise in planning, containment, handling and recovery as well as collecting digital evidence of many types and forms of emergency incidents, and these teams are able to develop an emergency response plan and an appropriate training plan for them and prepare customer teams to deal with them.

  • Companies work to identify potential future events that could negatively or positively affect their business and services, which will be reflected on their assets through risk analysis, evaluation and management processes.

    M.A.T works with decision-makers and stakeholders in making the right decisions in allocating the necessary resources and how to implement risk response cases and security policies within the framework of its risk management process, by coordinating and working with clients in developing risk assessment reports and their periodic follow-up that includes the results of risk analysis work and compare them with standards.
    The identified risks as well as appropriate recommendations and solutions to reduce these risks to an acceptable level.
  • The process of assessing gaps in the security joints of information systems is one of the most important factors that increase the immunity of those systems from attacks and the damage resulting from them. This process includes defining levels of protection and security and the ability of systems to address or adapt to them.

    M.A.T works on a number of stages and procedures in evaluating security vulnerabilities for clients by defining appropriate work standards, conducting a security survey to discover potential security vulnerabilities, analyzing, evaluating and confirming the results of the security survey, and in the end preparing the final technical report on the results of the assessment and setting the technical recommendations necessary to raise the efficiency of the information and risk reduction from the identified security vulnerabilities and proposals to address them.

    The vulnerability assessment service includes:
    • Wired and wireless networks
    • Operating systems
    • The web and its applications
    • Mobile Applications (Android & iOS)
    • APIs
    • Database
  • In this service, security protection systems for systems, data, and processes are analyzed and verified that they cannot be hacked or that there is an external threat. The methods and techniques used by hackers are used to exploit loopholes and access target data.

    M.A.T provides a penetration testing service either through a penetration test for the entire information system and the implementation of all possible penetration tests on the entire infrastructure and information system, or by conducting a customized penetration test after studying the infrastructure and information system and analyzing the business and applications used before determining the precise and detailed scope of work.
    M.A.T also provides all types of service :
    • White Box
    • Gray Box
    • Black Box.
  • Security Code Review in web applications or mobile applications is one of the most important means that support the security architecture and raise the level of performance of various types of applications and in different sectors, as these applications may contain sensitive and confidential information in nature.

    M.A.T provides this service to check for errors and problems that were overlooked during the development of applications and software, and relies mainly on manual scanning of codes and scripts, by conducting a scan and identifying security gaps in the source code that may lead to application hacking or failure.
    And providing a report on file names with bugs have been checked, where are found, the potential impacts of these bugs that could lead to the application being crashed or compromised, and suggested solutions to address the bugs.
  • Information security solutions from equipment and software are an integral part of integrated security protection systems, and are among many solutions and recommendations for security weaknesses and threats facing the integration of information systems and the availability of services provided by exchange institutions.

    M.A.T puts at the hands of our customers a wide range of reliable and effective information security solutions, which ensure their work without problems or fear of interruption, and also provide technical support and expertise necessary to study and assess security needs, develop plans and implement these solutions to achieve the optimal investment for them.
    Among these solutions:
    • Next Generation Firewall
    • Web Application Firewall (WAF)
    • Internet Access Management (IAM)
    • Data Loss Prevention (DLP)
    • Security Information and Event Management (SIEM)
    • Endpoint Protection and Response Platform (EDR)
    • Anti-Malware and Anti-Virus
  • M.A.T believes that national expertise and the continuous development of these cadres are the cornerstone in protecting financial transactions in particular and digital transactions in a more comprehensive way in the face of the cyber war that it is exposed to.

    M.A.T works to empower national cadres by offering a range of professional and practical courses in the field of information security.
    including:
    • Information Security Management.
    • Information Security Governance.
    • Risk Management.
    • ISO 27001.
    • CISSP.
    • Vulnerability Assessment.
    • Penetration Test.
    • Application Security.

Benefits

  • Enhanced Protection Against Cyber Threats
  • Regulatory Compliance
  • Reduced Security Risks
  • Improved Security Posture