DIPL – Security with passion

28 Years in InfoSec

DIPL was incorporated in 1996 with the HQ in Bengaluru and specialises in Information Security Services and consultancy.

2500+ clients

With a measured and steady growth, DIPL is proud to be associated with over 2500 companies for Information Security Services.

Wide range of Skillsets

DIPL boasts of a wide range of skill sets in Information Security. Every employee hired is technical and has atleast one Infosec specialisation certificate.

Innovative & practical approach

Our team assesses the requirement thoroughly and suggests practical and implementable measures.

About us

A Brief Profile

DIPL was incorporated in April 1996 in Bengaluru with the objective of delivering the highest possible quality services in the field of information security and related areas.

The journey commenced from Information security training as the first service offered. More than 3500 bankers were trained between 1996 and 1999.

In 1999, DIPL started expanding into areas such as Application audits [both on the functional and security side]. DIPL has since audited the major banking software(s) in India and abroad for both security and functionality. The audit begun in a text based environment. Slowly applications built on two-tier architecture and three tier architecture were audited. We also started the Network audits and Systems audit of branches.

In 2003, DIPL started auditing Core Banking Solutions of various Vendors for various bank. Parallelly a strong skill set was formed for technical audits such as Network audits, Web application audits, Forensic investigations, Ethical hacking, and more recently Mobile application audits. The strength of DIPL is in technology and DIPL caters to a vast clientele across verticals.

Additional services were introduced from 2003 onwards such as Implementation of Standards such as 27001. compliance audit against COBIT standards, Regulatory Audits, etc.

In 2011, an Identical company – 7iss – was floated to provide services in specialized and niche areas such as SIEM, Web Application Firewalls [WAF], Anti-Phising / Anti-malware/ blended threats protection, etc. A Data Centre was built to host various applications and tools. Now in 2020, the solution has matured to encompass AI, ML, PA, ec.

DIPL is;

1. An ISO 27001:2022 Certified Organisation: Management Commitment on Securing Privacy & Data Protection as A Processor to Comply with General Data Protection Regulation (GDPR) Requirement as Per GDPR (EU) Law 2016/679
2. Empanelled by CERT-In
3. Member of ISACA, IIA, ACFE, OWASP

Services: What we’re great at

When you engage us for audits, you can be rest assured that the output is of impeccable quality.

Web, API’s & Mobile Applications VA & PT

DIPL has conducted more than 1500+ audits for web, Mobile and API’s. We follow Industry specific standards such as OWASP for the audits.
Specialised tools and manual methods are adopted to perform the assessments and the reports are as per CERT-In Requirements.

Cyber Forensics, Breach Assessments

DIPL has conducted more tha 30 Forensic Investigations/breach assessments. The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computing device and who was responsible for it.

Network VA & PT, Cloud Security, Data Center Security, Wireless Assessments, etc

DIPL has performed more than 1000 VA & PT’s of Network, Servers, RDBMS, Security devices, Network Devices, Specialised appliances, etc.
We follow standards as specified by ISO 27001, CERT-In, NIST, TRAI, CoBIT, IRDAI, DoT, SAS70, HIPAA, SoX, etc.

contacts us for more information

Risk Assessment, Gap Analysis, Standards Implementation

DIPL has implemented standards such as ISO 27001, PCI, Sox, etc for some of the 500 fortune companies. So far 50+ organisations have availed our services for implementation and certification. DIPL follows ISO 31000 – Risk management Standard for Risk assessments and Gap analysis apart from those specified in ISO 27001.

Regulatory Audits

DIPL started its services for the BFSI segment and currently caters to more than 75% of the Banking Industry for RBI Audits, more than 40% of the Insurance Industry and nearly 300+ clients for other regulatory audits as mandated by IRDAI, SEBI, BSE, NSE, MCX, E-sign, UIDAI, NCIIPC, PFRDA, payment aggregators, Insurance aggregators, etc. DIPL has an experienced team for regulatory audits.

Application Audits,

DIPL has conducted more than 300 application audits for the BFSI and Insurance segment. Application made on 2-tier, 3-tier and standalone applications are part of the portfolio.

The scope includes auditing the application to ensure that the transaction and the output are secure, maintains veracity , is accurate and valid.

Enterprise Resource Planning Audits

DIPL has conducted audit of ERP where the users were 3500+ for organisations in the verticals of Oil, Airports, Gas, etc.

Software Source Code Escrow

DIPL has been an escrow agent for storing software source code escrow since 2002. DIPL provides only custodial services.

Source Code Review, Black Box, White box,etc

DIPL partners with reputed vendors for source code review. The in-house technical team is adept in these processes.

Data Localisation, SAR, PPI, ISNP, etc

DIPL conducts a wide variety of audits such as PPI, SAR, ISNP, RDBMS, Localisation, etc

Managed SOC

Some of Our Customers

A brief & partial list of our esteemed customers.

Our Awesome Team

Meet the people behind th success of DIPL

A Harihara Ayyar

Founder & MD

Shri. A Harihara Ayyar, LLM, CIA has held esteemed positions while in service such as being the Chairman of Dhalakshmi Bank, Top Executive of SBI, Visiting professor, NLSIU and also heads DIPL and 7iSS. He is the guiding force in the organisation.

Dr. Dilip H Ayyar

Director – Tech

Dr. Dilip H Ayyar. CRISC, CISM,CISA,C|CISO,CEH,CHFI,CFE, CCNA, ISO27K1 LEAD AUDITOR, ISO27K1 IMPLEMENTER, ISO 9001:2015 LEAD AUDITOR, BS 15000 IMPLEMENTER, SANS Certified in Hacker Techniques, Exploits & Incident Handling. He is in charge of the design, development, execution of various projects at DIPL. He also teaches at various colleges/universities. The course he designed with his mentor is also approved by UGC.

Gautam D Hariharan

Director – New Initiatives

Gautam is a computer science Engineer and an ISO 27001:2013 certified Implementer. He provides support on Technical and Development issues at DIPL. He is very passionate about Formula 1 and is pursuing Masters in Data Analytics in Germany.

5000+

PROJECTS

9,90,650

WORKED HOURS

28

Years in Infosec

What Can we do for you?

Get in touch with us

Check Out Some of Our engagements

Dr. Dilip H Ayyar along with his mentor delivered an Information security course for NPTEL. The same course was approved by UGC as well. The Youtube links are provided below.

Security with Passion

28 Years in InfoSec

2500+ clients

Wide range of Skillsets

Innovative & practical approach

About us

A Brief Profile

DIPL is;

Services: What we’re great at

Web, API’s & Mobile Applications VA & PT

Cyber Forensics, Breach Assessments

Network VA & PT, Cloud Security, Data Center Security, Wireless Assessments, etc

Risk Assessment, Gap Analysis, Standards Implementation

Regulatory Audits

Application Audits,

Enterprise Resource Planning Audits

Software Source Code Escrow

Source Code Review, Black Box, White box,etc

Data Localisation, SAR, PPI, ISNP, etc

Managed SOC

Some of Our Customers

Our Awesome Team

A Harihara Ayyar

Dr. Dilip H Ayyar

Gautam D Hariharan

5000+

PROJECTS

9,90,650

WORKED HOURS

28

Years in Infosec

What Can we do for you?

Check Out Some of Our engagements

Module 1 Part 1- Definition of Information Security

Module 1 Part 2-Information Security Terminologies

Module 1 Part 3-Goals of Information Security

Module 1 Part 4 – Implementation Issues

Module 1 Part5 – Implementation Issues – 2

Module 1 Part6 – Control Mechanisms

Module 1 Part 7 – Access Control – Administrative and Technical

Module 1 Part 8 – Passwords – Are they secure?

Module 1 Part 9 – Access Control – Administrative and Technical

Module 1 Part 10 – Passwords – Are they secure?

Module 1 Part 11 – Multifactor Authentication – Challenges

Module 1 Part 12 – Application Level Control and Planning

Module 1 Part 13 – Information Security – Policy, Standard and Practices

Module 1 Part 14 – Policies governing Issues, Roles and Responsibilities

Module 1 Part 15 – Managing changes in Information Security Policies

Module 1 Part 16 – Spheres of Information Security

Module 2 Part 01 – Protecting your Personal Computer

Module 2 Part 02 – Protecting your Personal Computer – II

Module 2 Part 03 – Protecting your Personal Computer – III

Module 2 Part 04 – Cloud Computing (Basic Definitions)

Module 2 Part 05 – Cloud Computing (Deployment) – II

Module 2 Part 06 – Cloud Computing (Security Issues) – III

Module 2 Part 07 – Cloud Computing (Trust and Risk) – IV

Module 2 Part 08 – Cloud Computing (Security and Privacy Issues)

Module 2 Part 09 – Cloud Computing (Security and Privacy Issues)

Module 2 Part 10 – Cloud Computing (Application and Data level security)

Module 2 Part 11 – Cloud Computing (Summary)

Module 2 Part 12 – Standard I

Module 2 Part 13 – Standard II

Module 2 Part 14 – Standard III

Module 3 Part 1- Vulnerability, Threat & Risk

Module 3 Part 2: Vulnerability, Threat & Risk

Module 3 Part 3: Vulnerability, Threat & Risk

Module 3 Part 4: Vulnerability, Threat & Risk

Module 3 Part 5: Vulnerability, Threat & Risk

Module 3 Part 6- Vulnerability, Threat & Risk

Module 3 Part 7- Vulnerabilities, Threat, Risk

Module 3 Part 8- Vulnerability, threat, Risk

Module 3 Part 9 – Vulnerability, Threat, Risk

Module 4 Part 1: Network Security

Module 4 Part 2: Network Security

Module 4 Part 3: Network Security

Module 4 Part 4- Network Security

Module 4 Part 5- Network Security

Module 4 Part 6- Network Security

Module 4 Part 7- Network Security

Module 4 Part 8- Network Security