Incident Prevention and Management

The analysis and prevention of security events aims to avoid, detect and respond to attacks, and is one of the first lines of defense against internal and external threats.

Security Monitoring
Security Monitoring controls 24/7 security events on the Group’s main business platforms (poste.it, bancoposta.it, postepay.it, postevita.it) and all the resources on the Internet.
The aim is to guarantee an initial intervention to mitigate the attacks and start the process of Incident Management, in order to manage and coordinate the appropriate activities to contrast, resolve and restore the operations of the services concerned.

Vulnerability Assessment & Penetration Test
Vulnerabilities in softwares are a potential access point for malicious attacker that can damage the company. In order to guarantee an all-round protection of the applicative layer, the group operates at two separate times.
Before the software is made available to the public, Vulnerability Assessment and Penetration Test are performed with the aim of detecting and remedying any vulnerabilities and reducing the space which can be used by an attacker.

When the software became available outside, a periodic Vulnerability Assessment process allows to check the level of security and to intervene on any new weaknesses that have emerged.
The activities include the preparation of treatment plans to adapt the right level of safety.

The service also includes the identification and monitoring of emerging threats and related vulnerabilities that may even be potentially capable of compromising the security of IT systems (Threat Vulnerability Management).