Seen Tarbi for Financial Technology is permitted by the Saudi Central Bank to test its innovative services under the Regulatory Sandbox environment.
Cybersecurity Services
With the Kingdom’s rapid digital transformation and regulatory push under
Vision 2030, cybersecurity is more critical than ever. Our comprehensive
cybersecurity services are purpose-built for Saudi enterprises and fintechs
to safeguard digital assets, ensure regulatory compliance, and maintain
customer trust.
Vulnerability Assessment and Penetration Testing (VAPT)
Protect before it’s too late.
We identify and assess security vulnerabilities in your application and infrastructure through automated scans and expert-led penetration testing.
Our VAPT services simulate real-world attacks to uncover potential risks before malicious actors do.
Internal and external network testing
Web, mobile, and API penetration testing (aligned with OWASP Top 10)
Compliance-focused testing for SAMA, PCI DSS, and NCA ECC
Secure Code Reviews
Secure by design, strong in execution.
Our experts conduct in-depth reviews of your source code to identify
security flaws such as injection points, misconfigurations, and insecure
libraries. This ensures your software complies with industry standards
including OWASP Top 10 and PCI DSS, and is resilient from the ground up.
Manual and automated code analysis
OWASP Top 10 and SANS 25 compliance checks
Integration into DevSecOps pipelines
PCI DSS secure coding practices
Remediation support for developers
Focus on secure development lifecycle (SDLC) practices
Malware Analysis
Know your enemy.
We perform static and dynamic analysis of suspicious files and behavior to
uncover threats, reverse-engineer malware, and recommend containment
and eradication strategies.
Reverse engineering of malware artifacts
Threat intelligence correlation
Malware family classification
Indicators of compromise (IoCs)
Threat intelligence reporting
Compromise Assessment
Already breached? Let’s find out.
We assess your systems to uncover undetected breaches, identify attacker
footprints, and recommend immediate response actions to contain and
recover from intrusions.
Endpoint compromise assessments and forensics
Network traffic analysis
Root cause analysis and mitigation strategy
Risk Assessment as per ISO and NIST Standards
Measure risk, reduce exposure.
We conduct structured risk assessments using globally recognized standards
like ISO/IEC 27005 and NIST SP 800-30 to help you identify, prioritize, and
treat cybersecurity risks.
Threat and vulnerability mapping and risk value calculation
Mapping risks to ISO/IEC 27001, NIST, and SAMA’s Cybersecurity Framework
Third-party risk assessment and threat modeling
Security posture reviews with executive reporting
Business Continuity and Disaster Recovery Planning (BCP/DRP)
Operate through the unexpected.
We help you design resilient business continuity and disaster recovery plans
to maintain operations during crises and recover faster with minimal losses.
Business Impact Analysis (BIA)
DR gap analysis and recovery time planning
Design and testing of BCP and DRP aligned with ISO 22301
Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO)
Simulation of business impact scenarios and drills
ISO/IEC 27001:2022 and PCI DSS Implementation
Certify your trust.
We offer full lifecycle implementation for ISO/IEC 27001:2022 and PCI DSS
standards, ensuring alignment with Annex A controls, Statement of
Applicability (SoA), and sector-specific requirements including cardholder
data protection.
Pre-audits and end-to-end support for ISO/IEC 27001 and PCI DSS certifications
ISO/IEC 27001 and PCI DSS gap assessment, implementation/remediation, and audit support
ISMS and PIMS implementation and ongoing maintenance
Build a resilient foundation.
We help you adopt cybersecurity frameworks such as the NIST CSF, ISO/IEC
27001, and PCI DSS to develop a holistic and compliant cybersecurity
posture.
Implementation of NIST Cybersecurity Framework (CSF)
Mapping to SAMA CSF, NCA ECC, and SBP TRM
Custom security governance frameworks for startups and SMEs
Personal Data Protection Law (PDPL) Compliance
Comply with confidence.
We enable organizations to comply with Saudi Arabia’s PDPL and other
privacy laws through data classification, governance controls, and consent
management systems.
Personal Data Protection Law (PDPL) compliance assessment and remediation
Data discovery and classification
Privacy Impact Assessments (PIAs) and policy drafting
Role-based access control and consent management strategies
Data mapping and inventory
Implementation and Management of SIEM Solutions
See threats. Stop threats.
We deploy and manage Security Information and Event Management (SIEM)
solutions to help monitor, analyze, and respond to security incidents in real
time.
Design and implementation of SIEM platforms
Log collection and correlation
Real-time alerting, log management, and dashboard reporting
Integration with SOC operations for threat detection and incident response