| - |
One-time black-box vulnerability scanning service applied to selected
website with a single URL, when followed up with one-time black-box
penetration test service applied to this same URL |
| - |
OR One-time black-box vulnerability scanning service applied to
infrastructures with a maximum of 50 hosts (up to two different host types),
followed up with one-time black-box penetration test service applied to two
selected hosts from these hosts.
|
| - |
Conducting analysis of the above findings.
|
| - |
Provide assessment findings in report.
|
| - |
All services are conducted within Hong Kong on a one-off basis.
|
| - |
Service provided in office hours.
|
| - |
CPC's office hours are from 09:00 AM to 06:00 PM, Monday to Friday but
excluding public holidays specified by Government of Hong Kong and any
adverse circumstances evaluated by CPC (as determined in the sole opinion of
CPC).
|
| - |
All works will be performed from remote by default.
|
| - |
CPC reserves the right to use any tools available to fulfill the service.
|
| - |
Only known vulnerabilities with known exploits will be attempted.
|
| - |
Denial of service and intrusive scanning are not performed.
|
| - |
Customer’s responsibilities:
|
| (1) |
To ensure the devices, hosts, systems, and services availability for
assessment.
|
| (2) |
To ensure the devices, hosts, systems, and services accessibility for
assessment to and from the assessment tools, console, and appliances, and
ensure the corresponding firewall(s) allows the cross-network access to and
from the vulnerability assessment tools, console and appliances.
|
| (3) |
To allow the Internet access for the assessment tools, console, or
appliances to update the latest information.
|
| (4) |
To allow the assessment appliances installed at Customer data center,
with proper protection if necessary.
|
| (5) |
To allow and assist the installation of assessment target applications on
CPC’s testing environment if necessary.
|
| (6) |
To backup and restore systems or services in case of unexpected events.
|
| (7) |
To assist CPC for any request for the smoothness and completion of the
assessment
|
| (8) |
To guarantee all the information provided are accurate and correct.
|
| - |
TrustCSI MSS service must be subscribed prior to subscribing TrustCSI MSS SOAR service.
|
| - |
The Playbook shall only be triggered by security alerts from TrustCSI MSS. |
| - |
Subscription based on the number of Playbooks and SOAR action amount. |
| - |
Service includes Playbook creation, customization, and regular fine tuning. |
| - |
Service includes integration with customer end security devices. |
| - |
7x24 Playbook status monitoring. |
| - |
7x24 hotline support |
| - |
7x24 TrustCSI MSS SOAR alert email (Optional language: English / Simplified
Chinese / Traditional Chinese) to indicate the SOAR action result. |
| - |
The customer end security devices involved in the Playbook shall support
the required protocol to integrate with TrustCSI MSS SOAR platform. |
| - |
Customer shall allow necessary access right for integration with TrustCSI
MSS SOAR platform. |
| - |
Customer shall allow IPSec tunnel from TrustCSI MSS SOAR platform to
customer’s gateway firewall. |
| - |
CITIC Telecom CPC will not bear service delay due to any missing access
right, corresponding protocols, or IPSec tunnel |
| - |
Integrated devices band and types shall be pre-agreed between customer and
CITIC Telecom CPC. |
| - |
Each TrustCSI MSS SOAR Playbook supports up to 3 SOAR actions. (Note 1,2) |
| - |
Note 1: SOAR action sample: Block/release IP, Block/release URL,
Block/release FQDN, Isolate / release endpoint, trigger scanning on
endpoint, trigger alert email to customer IT on resetting password |
| - |
Note 2: One SOAR action counts on one target devices only. The same SOAR
action working on 2 target devices will be counted as two SOAR actions. |
| - |
Service component for TrustCSI MSS Service includes: |
| 1. |
Per device subscription of log analysis on CPC SIEM platform* |
| 2. |
24x7 Hotline and SOC remote support
|
| 3. |
24x7 security log correlation analysis and monitoring |
| 4. |
24x7 security incident alert and email notification(Simplified Chinese/English) |
| 5. |
24x7 security incident investigation and recommendation
|
| 6. |
Monthly Security Report(Simplified Chinese/English) |
| 7. |
Quarterly Security Review Meeting |
| 8. |
Access to TrustCSI customer web portal with easy access to reports (English) |
\
| 9. |
Customization and fine tuning of event thresholds, log filters and correlation rules |
| 10. |
Support 30 days analytic log retention period |
| * |
This promotion offer collected logs from up to 2x Firewall (FortiGate 101F or equivalent model) and up to 100x EDR Endpoint (Logs should be sent from management server directly) |
| * |
Assume all device logs should be sent from monitored devices directly to CPC SOC platform |
_
_ |
| - |
This offer has a limited quota and will be reserved on a first-come, first-served basis. |
| - |
CITIC Telecom CPC bears no responsibility for any system failures, hardware or software issues, network device malfunctions, server problems, application errors, or data loss experienced by the customer during or after the service period. The customer is solely responsible for any related financial losses. |
| - |
The price stated is in Hong Kong dollars. |
| - |
This offer is valid until September 30, 2024, on a first-come, first-served basis. |
| - |
CITIC Telecom CPC reserves the right to terminate, suspend, or withdraw the promotion offer and to change the terms and conditions of the promotion offer at any time without prior notice. |
| - |
In the event of any disputes, CITIC Telecom CPC reserves the right to make the final determination, which shall be conclusive and binding on the subscriber. |