Cyber Risk Assessment of Private and Public Cloud Infrastructure
Overview
Customer is a $100mn US-based multi-national, developing commodity management platforms. One of their Linux machines, with the software source code installed, was hacked. They wanted to perform risk assessment for all the infrastructure assets to mitigate risks.
Download Case Study
Challenges
Applications are hosted in a SaaS-based model in AWS cloud and security incidents are not monitored
Web-facing applications are vulnerable to attack due to lack of security posture
Lack of visibility into critical security incidents
Solution
Performed Technical Risk assessment on Private and AWS cloud infrastructure
- Vulnerability assessment on AWS and external exposed IP address
- Code review on critical application infrastructure
- Black box and Grey box Penetration testing on Cloud and on-premise infrastructure assets
- Application security testing based on OWASP and NIST standards
- Red teaming exercise as proactive cyber defense
Outcomes
- 100% Reduction in critical vulnerabilities
- 50% Improvement in Security posture