iValue Center of Excellence
Your Technology. Proven. Positioned. Sold.
• Sell outcomes, not features
Digital Natives Upsell Stack with Controls
Digital Natives Security Controls Aligned with Industry Standards
| # | Domain | Control Area | Control Description | What it Secures | Technology Category | iValue OEM / Tools | CERT-In | DPDP | ISO 27001 | PCI DSS 4.0 | NIST |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Governance | Cybersecurity Governance | Product-aligned cyber governance | Enterprise posture | GRC | Whitehats | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 2 | Governance | Secure Engineering Policy | Security embedded in SDLC | Product security | SSDLC | OpenText Fortify, Digital.ai | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 3 | Governance | Third-Party Risk | Partners, PSPs, SaaS | Supply chain | TPRM | Whitehats, RSA | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 4 | Governance | Security Awareness | Dev, SRE, Ops training | Human risk | Awareness | Progist | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 5 | Identity | CIAM | Customer login & step-up auth | Customer identities | CIAM | RSA | ⬜ | ✅ | ✅ | ⬜ | ✅ |
| 6 | Identity | Risk-Based Authentication | Behavior & device-based auth | Account takeover | Adaptive Auth | RSA | ⬜ | ✅ | ✅ | ⬜ | ✅ |
| 7 | Identity | Workforce IAM | SSO for engineers & ops | Internal access | IAM | RSA | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 8 | Identity | Privileged Access Management | Admin & prod access | Privileged IDs | PAM | CyberArk | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 9 | Identity | Phishing-Resistant MFA | Strong admin authentication | Auth layer | MFA | Yubico | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 10 | Identity | Identity Threat Detection | Detect identity-based attacks | Identity layer | ITDR | Tenable.AD | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 11 | Application | Secure SDLC | DevSecOps pipelines | Source code | SSDLC | OpenText Fortify, Digital.ai | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 12 | Application | SAST / DAST | Continuous app testing | Apps | AppSec | OpenText Fortify | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 13 | Application | API Security | API abuse protection | APIs | API Security | Imperva, Levo | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 14 | Application | Web Application Firewall | L7 attack protection | Customer apps | WAF | Thales Imperva | ⬜ | ⬜ | ✅ | ✅ | ✅ |
| 15 | Application | Mobile App Security | Android / iOS testing | Mobile apps | MAST | OpenText Fortify | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 16 | Application | SBOM | Dependency visibility | Software supply chain | SBOM | OpenText Fortify | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 17 | Cloud | Cloud Security Posture Mgmt | Misconfig detection | Cloud infra | CSPM | Netskope | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 18 | Cloud | Workload Protection | Runtime workload defense | VMs & containers | CWPP | SentinelOne | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 19 | Cloud | Container Security | Image & runtime security | Kubernetes | CNAPP | SentinelOne | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 20 | Cloud | Secrets Management | API keys & tokens | Credentials | Secrets Mgmt | CyberArk | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 21 | Cloud | SASE | Secure access & traffic | Users & traffic | SASE | Netskope | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 22 | Cloud | CASB | SaaS governance | SaaS apps | CASB | Netskope | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 23 | Data | Data Classification | Identify PII | Customer data | Classification | Forcepoint | ⬜ | ✅ | ✅ | ⬜ | ⬜ |
| 24 | Data | Data Loss Prevention | Prevent exfiltration | PII & IP | DLP | Forcepoint | ⬜ | ✅ | ✅ | ⬜ | ⬜ |
| 25 | Data | Encryption & Key Management | Tokenization & crypto | Sensitive data | Crypto/HSM | Thales | ⬜ | ✅ | ✅ | ✅ | ⬜ |
| 26 | Data | Database Security | DB hardening & monitoring | Transaction DBs | DB Security | Imperva SecureSphere | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 27 | Endpoint | Endpoint Detection & Response | Dev & ops endpoint protection | Workstations | EDR | SentinelOne | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 28 | Endpoint | Browser Isolation | Malicious web protection | Browsers | RBI | Netskope RBI | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ |
| 29 | Endpoint | Device Control | USB & peripheral control | IP | Device Control | Forcepoint | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 30 | AI Security | Prompt Injection Protection | Prevent LLM abuse | AI interfaces | AI Security | Lakera | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ |
| 31 | AI Security | LLM Data Leakage Control | Prevent sensitive data exposure | AI outputs | AI DLP | SentinelOne Prompt Security | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ |
| 32 | AI Security | AI API Abuse Detection | Detect automation abuse | AI services | API Security | Imperva | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ |
| 33 | SOC | SIEM | Central detection & visibility | Events | SIEM | Splunk, Google Chronicle | ✅ | ⬜ | ✅ | ⬜ | ⬜ |
| 34 | SOC | UEBA | Fraud & insider anomalies | Users | UEBA | Gurucul | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 35 | SOC | SOAR | Automated response | IR | SOAR | Chronicle SOAR, Splunk SOAR | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 36 | SOC | External Attack Surface Mgmt | Internet exposure monitoring | Brand & assets | EASM | CloudSEK | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ |
| 37 | Resilience | Immutable Backups | Ransomware-safe backups | Data | Cyber Recovery | Rubrik / Cohesity | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 38 | Resilience | Recovery Drills | Restore testing & evidence | Availability | DR | Rubrik / Cohesity | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |