iValue Center of Excellence
Your Technology. Proven. Positioned. Sold.
• Sell outcomes, not features
Fintech Upsell Stack with Controls
Fintech Security Controls Aligned with Industry Standards
| # | Domain | Control Area | Control Description | What it Secures | Technology Category | iValue OEM / Tools | CERT-In | DPDP | ISO 27001 | PCI DSS 4.0 | RBI |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Governance | Risk Assessment | Product & transaction risk mapping | Platform risk | Risk Mgmt | Whitehats | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 2 | Governance | Third-Party Risk | PSPs, banks, SaaS, APIs | Supply chain | TPRM | Whitehats, RSA | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 3 | Governance | Security Awareness | Dev, Ops, Fraud, Support | Human risk | Awareness | Progist | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 4 | Identity | CIAM | Customer onboarding & login | Customer identities | CIAM | RSA | ⬜ | ✅ | ✅ | ⬜ | ✅ |
| 5 | Identity | Risk-Based Authentication | Behavior & device-based auth | ATO prevention | Adaptive Auth | RSA | ⬜ | ✅ | ✅ | ⬜ | ✅ |
| 6 | Identity | Workforce IAM | SSO for internal teams | Internal access | IAM | RSA | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 7 | Identity | Privileged Access Management | Admin & prod access | Privileged IDs | PAM | CyberArk | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 8 | Identity | Phishing-Resistant MFA | Secure admin access | Authentication | MFA | Yubico | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 9 | Identity | Identity Threat Detection | Detect AD-based attacks | Identity layer | ITDR | Tenable.AD | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 10 | Application | Secure SDLC | DevSecOps pipelines | Source code | SSDLC | OpenText Fortify, Digital.ai | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 11 | Application | SAST / DAST | Continuous app testing | Apps | AppSec | OpenText Fortify | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 12 | Application | API Security | API abuse & bot protection | APIs | API Security | Imperva, Levo | ⬜ | ⬜ | ✅ | ⬜ | ✅ |
| 13 | Application | Web Application Firewall | L7 attack & bot protection | Web apps | WAF | Thales Imperva | ⬜ | ⬜ | ✅ | ✅ | ✅ |
| 14 | Application | Mobile App Security | Android / iOS testing | Mobile apps | MAST | OpenText Fortify | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 15 | Application | SBOM | Dependency visibility | Supply chain | SBOM | OpenText Fortify | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 16 | Cloud | CSPM | Cloud misconfiguration detection | Cloud infra | CSPM | Netskope | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 17 | Cloud | CWPP | Runtime workload protection | VMs / containers | CWPP | SentinelOne | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 18 | Cloud | Container Security | Image & runtime security | Kubernetes | CNAPP | SentinelOne | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 19 | Cloud | Secrets Management | API keys & credentials | Secrets | Secrets Mgmt | CyberArk | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 20 | Cloud | SASE | Secure access & traffic | Users & services | SASE | Netskope | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 21 | Cloud | CASB | SaaS governance | SaaS apps | CASB | Netskope | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 22 | Data | Data Classification | Identify PII & financial data | Customer data | Classification | Forcepoint | ⬜ | ✅ | ✅ | ⬜ | ⬜ |
| 23 | Data | Data Loss Prevention | Prevent data exfiltration | PII & IP | DLP | Forcepoint | ⬜ | ✅ | ✅ | ⬜ | ⬜ |
| 24 | Data | Encryption & HSM | Tokenization & crypto | PAN / secrets | Crypto / HSM | Thales | ⬜ | ✅ | ✅ | ✅ | ✅ |
| 25 | Data | Database Security | DB activity & hardening | Transaction DBs | DB Security | Imperva SecureSphere | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 26 | Data | Digital Rights Management | Secure sensitive docs | Reports & exports | DRM | Vaultize | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ |
| 27 | Endpoint | Endpoint Detection & Response | Dev & ops endpoint security | Workstations | EDR | SentinelOne | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 28 | Endpoint | Browser Isolation | Malicious web protection | Browsers | Remote Browser Isolation | Netskope RBI | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ |
| 29 | Endpoint | Device Control | USB & peripheral control | IP | Device Control | Forcepoint | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 30 | AI Security | Prompt Injection Protection | LLM abuse prevention | AI interfaces | AI Security | Lakera | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ |
| 31 | AI Security | LLM Data Leakage Control | Prevent sensitive output | AI responses | AI DLP | SentinelOne Prompt Security | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ |
| 32 | Fraud | Behavioural Analytics | Fraud & abuse anomalies | Transactions | UEBA | Gurucul | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ |
| 33 | SOC | SIEM | Central detection & visibility | Events | SIEM | Splunk, Google Chronicle | ✅ | ⬜ | ✅ | ⬜ | ⬜ |
| 34 | SOC | SOAR | Automated response | IR workflows | SOAR | Chronicle SOAR, Splunk SOAR | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 35 | SOC | External ASM | Internet exposure monitoring | Digital assets | EASM | CloudSEK | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ |
| 36 | Resilience | Immutable Backups | Ransomware-safe backups | Data | Cyber Recovery | Rubrik / Cohesity | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |
| 37 | Resilience | Recovery Drills | Restore testing & evidence | Availability | DR | Rubrik / Cohesity | ⬜ | ⬜ | ✅ | ⬜ | ⬜ |