S 11.9
Security operations & continuous monitoring
The Standard
Continuous, proactive monitoring and timely anomaly detection, including operating a Security Operations Centre (SOC) and conducting vulnerability assessment and penetration testing.
How Sentient Spire supports it
Argus + QCS — an AI-driven SOC that runs continuous monitoring and detection, deployable on sovereign, in-country infrastructure.
S 11.10S 11.19
Cyber threat intelligence
The Standard
Collect, analyse and act on cyber threat intelligence — including data-breach and online-exposure detection — and share threat intelligence with the industry.
How Sentient Spire supports it
Orion Dark Web — continuous dark-web and breach monitoring, delivering source-tagged intelligence you can act on and share.
S 11.11S 11.13S 11.18
Detection, response & recovery
The Standard
Investigate and respond to flagged activity, maintain a comprehensive Cyber Incident Response Plan, and notify Bank Negara Malaysia of cyber incidents.
How Sentient Spire supports it
Seraph + AIADRE — autonomous detection-and-response workflows and incident evidence that support your CIRP and regulatory notifications.
S 11.6S 11.9
Adversarial testing (Red Team & VAPT)
The Standard
Conduct a realistic Red Team simulation at least once every three years, and regular vulnerability assessment and penetration testing.
How Sentient Spire supports it
Orion — AI-assisted penetration testing and adversarial exposure validation that produce defensible, standards-mapped findings.
S 10.47S 10.49S 10.50
Third-party & cloud risk
The Standard
Due diligence and continuous, real-time monitoring of third-party providers' cyber posture, and a comprehensive cloud risk assessment.
How Sentient Spire supports it
Orion Dark Web third-party monitoring with sovereign deployment — monitor your supply chain while data and controls stay in-country.
S 11.5Appendix 5
Data loss prevention
The Standard
Adopt the control measures in Appendix 5, which require Data Loss Prevention to be enforced across data in-use, in-motion and at-rest.
How Sentient Spire supports it
QCS + Mobile Defense — DLP-aligned controls across endpoints and mobile devices.
S 10.53S 10.54S 10.55S 10.57
Access control & strong authentication
The Standard
Deny-by-default, least-privilege access with social-engineering-resistant multi-factor authentication and monitored, logged access to critical systems.
How Sentient Spire supports it
Mobile Defense + bank SDK — device attestation, crypto-bound biometrics and hardware-backed multi-factor authentication.
S 10.20S 10.22
Cryptography
The Standard
Industry-standard cryptography with protected key storage (HSM/TEE) and a managed key lifecycle.
How Sentient Spire supports it
Sentient Spire SDK — hardware-backed keys (StrongBox / Secure Enclave) and signed, key-managed distribution.
S 10.17S 10.18S 10.45
Cyber resilience & recovery
The Standard
No systems running known-vulnerable or end-of-life technology, and tamper-proof backup with isolated recovery from destructive attacks such as ransomware.
How Sentient Spire supports it
Argus — continuous exposure and obsolescence monitoring with resilience validation.