ACL Digital

Home / CaseStudy / Technical Risk Assessment for a $100mn US-based Software Service Provider

Technical Risk Assessment for a $100mn US-based Software Service Provider

Technical Risk Assessment for a $100mn US-based Software Service Provider

Technical Risk Assessment of On Premise & Public Cloud Infrastructure for a $mn US based Software Service Provider banner

Overview

The client is a $100 million US-based multinational software service provider, specializing in commodity management platforms. They experienced a critical security breach when their Linux machine, hosting crucial software source code, was compromised. To mitigate risks and bolster their security posture, the company partnered with ACL Digital to devise a comprehensive technical risk assessment across their infrastructure assets, including both on-premise and public cloud environments.

Download Case Study








    Challenges

    Applications hosted in a SaaS-based model on AWS cloud, lacked effective monitoring for security incidents

    Vulnerability of web-facing applications due to lack of a robust security posture

    Limited visibility into critical security incidents

    Solution

    A thorough Technical Risk Assessment was conducted on both AWS cloud infrastructure and on-premise systems. The solution encompassed the following key activities:
    • Vulnerability Assessment: A comprehensive vulnerability assessment was carried out on AWS cloud infrastructure and externally exposed IP addresses
    • Code Review: A detailed code review was performed on the critical application infrastructure to uncover security flaws
    • Penetration Testing: Both Black Box and Grey Box penetration testing were executed on the cloud and on-premise infrastructure assets
    • Application Security Testing: Security testing of applications was conducted based on OWASP (Open Web Application Security Project) and NIST (National Institute of Standards and Technology) standards
    • Red Teaming Exercise: The exercise was conducted to simulate advanced persistent threats and assess the organization’s readiness and response capabilities
    Technical Risk Assessment of On Premise & Public Cloud Infrastructure

    Outcomes

    100% Reduction in Critical Vulnerabilities

    The assessment led to the complete elimination of critical vulnerabilities, greatly enhancing defense against potential exploits

    The overall security posture improved, reflecting an enhancement in the detection, response, and mitigation of security threats effectively

    Benefits Technical Risk Assessment for a $mn US based Software Service Provider
    Scroll to Top