Privacy and security by design | NTT DATA


Privacy and security by design

Strengthen your security with NTT DATA

The potential security risks created by digital technologies are increasing rapidly, and when combined with mistakes made by people, they can harm any organization. At NTT DATA, we help our customers enhance their security systems and make them stronger against threats. We do this through a process called Security System Design Life Cycle (SSDLC).

Services Lines

Security testing

We continuously probe our clients' defences by periodically performing ethical hacking audits, penetration testing and security audits on systems and applications. In addition, we offer support in mitigating the risk discovered.

Security by Design (SSDLC)

We incorporate security in the software life cycle, both from a methodological and organisational point of view, with security controls to minimise the level of risk. We adapt security needs to development environments already in production.


We automate the execution of security controls in continuous integration cycles:
- Requirements
- Threat modelling
- Code auditing
- Security auditing
- Containers
- Dependencies

Red Team

We execute simulated and controlled attacks, using the same techniques and tactics used by cybercriminal groups, to detect security risks in any area of an organisation (technical, human, methodological, ...).

Security architecture

We design technical security architectures that include integrated security and management controls, and ensure that the controls are effective. We have a particular focus on the cloud (AWS, Azure) for any type of paradigm: IaaS, PaaS, SaaS, IaC.

Digital Surveillance

Our surveillance services help catch and prevent cyber threats through continuous monitoring of assets considered particularly at risk. For instance, we can prevent confidential documents being leaked or corporate credentials being exposed.

Our solutions


Everphishing is a proprietary tool used for conducting social engineering campaigns that provides various metrics depending on the type of campaign launched.


This tool uses a range of assets to gather information from various open sources (OSINT) and conduct searches on the Surface, Deep and Dark Web. Its goal is to identify information that may pose a potential cyber threat.