レイ・イージス・ジャパン List of Products and Services

This document introduces the security assessment services provided by Ray Aegis Japan Co., Ltd. It includes topics such as "The Necessity of Security Assessments," "Causes of Devaluing Security Assessments," and "Measures to Improve Misunderstandings about Security Assessments." By reviewing this document, you will gain an understanding of the challenges of security assessments in companies, the actual state of security assessments, and the specifications and pricing of security assessment services. Please feel free to download and take a look. [Contents (Excerpt)] ■ The Necessity of Security Assessments ■ Causes of Devaluing Security Assessments ■ Measures to Improve Misunderstandings about Security Assessments ■ Common Types and Tools for Security Assessments ■ Introduction to Our Security Assessment Services *For more details, please refer to the PDF document or feel free to contact us.

• Security Assessment

At Ray Aegis Japan, we utilize our proprietary AI tools to provide vulnerability assessments conducted by over 320 highly skilled security engineers worldwide. As attacks exploiting weaknesses in the supply chain of the manufacturing industry are on the rise, what are the comprehensive security measures against cyberattacks? We are offering a document that explains the key points of necessary security measures! What are the world-class security measures? We explain them in an easy-to-understand manner! [Excerpt from the content] - Challenges of cybersecurity in the manufacturing industry - 59% have experienced a security incident? - Supply chain risks - Approaches to solving challenges *For more details, please download the PDF or contact us.

• Security Assessment

Our "penetration testing" complies with PCI DSS v4.0 requirements. We have over 320 qualified security engineers. In addition to PCI DSS requirements, we have a track record of penetration testing and red team operations for financial institutions and government agencies in various countries. Additionally, we utilize not only commonly used tools but also our proprietary AI tools to detect advanced attacks such as business logic flaws, DoS, and zero-day attacks. 【Features】 ■ Complies with PCI DSS v4.0 requirements ■ Over 320 qualified personnel and more than 1,600 high-quality assessments annually ■ Re-assessment available as many times as needed with one year of after-support ■ Clear service plans *For more details, please refer to the PDF document or feel free to contact us.

• Security Assessment

Our "Fast Penetration Test" utilizes not only commonly used tools but also our proprietary AI tools. It detects advanced attacks such as business logic flaws, DoS, and zero-day attacks. We also attempt attacks that mimic actual hacker techniques and combine multiple vulnerabilities. Thanks to this advanced technology and unique tools, we can conduct tests in a short period and discover vulnerabilities that are generally difficult to find. 【Pricing Features】 ■ Course-based pricing - A tiered pricing structure is set to ensure that smaller systems are more affordable. ■ Fixed pricing - Regardless of the number of pages or requests, we offer a fixed pricing model per "IP address/FQDN/application" to meet our customers' needs. *For more details, please refer to the PDF materials or feel free to contact us.

• Security Assessment

Our "Dark Web Exploration Service" is a one-stop service that enables early detection of any potential information leaks concerning our clients, thereby strengthening cybersecurity. Our company, which boasts over 320 white-hat hackers, one of the largest groups in the world, conducts investigations on the dark web based on specified keywords to identify the potential risks to our clients' information. Through our customized reports, clients can verify the risks associated with their information. [Service Coverage] ■ Information leaks and information breaches *For more details, please refer to the PDF document or feel free to contact us.

• Security Assessment

We would like to introduce our "Ray-SOC Service." This service monitors logs from network devices and security equipment, primarily focusing on firewalls and VPN connection devices, in real-time or at regular intervals. It enables the early detection and response to abnormal communications and trends, such as attempts of intrusion from external sources. Additionally, our standard plan for this service is available from 108,000 yen per month, and we can customize the service content to fit your budget and security policy. 【Monitoring Targets (Partial)】 ■ Network Devices ■ Authentication Servers ■ Antivirus ■ Firewalls *For more details, please refer to the PDF document or feel free to contact us.

• Firewall

Cyberattacks targeting web systems are numerous, and security measures are essential even in the manufacturing industry. The cyberattack countermeasure tool 'Ray-SOC WAF' is a multi-tenant cloud WAF service that serves as a countermeasure against cyberattacks that can lead to factory shutdowns. It features advanced defense capabilities powered by an AI engine, and is constantly monitored by the SOC team at Ray Aegis Japan, making it a cyberattack countermeasure tool that requires minimal management effort. Additionally, a monthly report summarizing defense statistics, including the number of blocked incidents, trends by type of attack, originating IP addresses, and trends by country, allows for the monitoring of attack trends and defense status. We are also offering a document summarizing the key points of necessary security measures, which has over 3,000 achievements primarily with overseas financial and government agencies! 【Features】 ■ By allowing multiple users to share a single WAF server, it protects the web server while maintaining advanced defense capabilities powered by the AI engine. ■ Logs detected by the WAF are monitored at Ray Aegis Japan's Ray-SOC Center. * For more details, please refer to the PDF document or feel free to contact us.

• WAF

"CloudCoffer SandSphere" is a service developed by CloudCoffer Inc. for detecting malware. Through its proprietary AI engine, it conducts "surface analysis," "static analysis," "backdoor analysis," and "dynamic analysis" to detect unknown malware and malware that has previously evaded detection in Sandboxes. Additionally, based on customer requests, it offers services that can be conducted as a one-time event, as well as options for installation and use over a certain period. 【Features】 ■ Conducts inspections through a unique four-phase process to discover not only known malware but also variants and new types. ■ Offers flexibility in choosing between one-time services and installation/use over a certain period based on customer requests. ■ There is no need to account for the often high costs of AI Sandboxes as assets. *For more details, please refer to the PDF document or feel free to contact us.

• Other Software

We would like to introduce our "AI Remote Vulnerability Diagnosis." Using a vulnerability scanning tool equipped with an AI engine developed independently by Ray Aegis, we conduct automated tool diagnostics, followed by detailed manual diagnostics performed by experienced assessors for items that cannot be covered by automated tools. The diagnosis is priced per FQDN, allowing for fast and cost-effective use even for web applications with many screens and features, such as media distribution services. 【Other Services】 ■ Platform Diagnosis ■ AI Quick Tool Diagnosis ■ Fast Penetration Test ■ Penetration Test *For more details, please refer to the PDF document or feel free to contact us.

• Other Software

Our company provides innovative approaches in the field of cybersecurity. Utilizing new AI technologies and specialized tools, we focus on enhancing digital security for businesses and protecting our clients from cyberattacks. We are constantly working on technological innovation aimed at data protection and ensuring business continuity. Additionally, we propose custom-made security solutions and implement comprehensive security measures tailored to the unique needs of each company. [Business Activities] ■ Web Application Vulnerability Assessment ■ Penetration Testing ■ TLPT ■ DDoS Drills, etc. *For more details, please refer to the PDF materials or feel free to contact us.

• Security Assessment
• WAF

This is a higher-level service that detects malware that traditional signature matching techniques could not capture, distinguishing it from conventional antivirus and sandbox solutions, either on a file-by-file basis or for the entire system. This detection service is carried out through the following methods: 1) Explicitly moving files to the detection server. 2) Moving all files from the target system (or all files within a specific folder) to the detection server to check for the presence of unauthorized files. 3) After performing step 2, preparing scripts or agents on the target system to regularly (e.g., once a day) move new files to the detection server to verify the integrity of the files.

• Security Assessment

We utilize RayAegis' unique AI tools to provide vulnerability assessments conducted by over 250 advanced security engineers worldwide. With our AI × Security approach, which we have practiced since our founding, we can offer comprehensive diagnostic services that maintain quality in a short period, even for the increasing number of systems each year. Please feel free to contact us if you have any requests. 【Features】 ■ A package pricing system based on FQDN units that becomes more cost-effective as the environment scales ■ No need for preliminary narrowing down of diagnostic targets when making a request ■ The information we need to gather in advance is very simple ■ Short duration and high quality *For more details, please download the PDF or contact us.

• Security Assessment

The "Mobile App Diagnosis Service" is a diagnostic service that performs rapid diagnosis and analysis on frequently updated mobile applications without affecting the server side, using a uniquely developed AI tool. By utilizing this service, security diagnostics of the mobile application itself can be conducted in as little as one day. 【Features】 ■ Supports mobile application packages for iOS and Android ■ Comprehensive diagnosis including the server side is possible through local diagnosis of the mobile app alone or with the API diagnosis option ■ Complies with OWASP Mobile Security Testing Guide, OSSTMM, NIST SP800-115/163 - Covers the entire range of OWASP Top 10 Mobile Risks along with the API diagnosis option ■ Rapid and short-term diagnosis completed in as little as one day using RayAegis's uniquely developed AI tool, among others *For more details, please download the PDF or contact us.

• Security Assessment

Our company has been providing a security diagnosis service that realizes AI × security since its establishment. As a packaged flat-rate service, it is cost-effective and does not require the hassle of narrowing down the diagnosis targets in advance. We also offer comprehensive after-support within the package, including re-diagnosis of discovered items. Please feel free to contact us if you have any requests. 【Our Strengths】 ■ Dedicated white hat hackers ■ Efficiency and sophistication through AI ■ User-friendly services ■ Abundant track record *For more details, please download the PDF or contact us.

• Security Assessment