Cloud Penetration Testing
Adoption of cloud services and technologies is indispensable in today's world. The question remains: does a cloud setup (under any service model) provide a safe and secure environment for its staff and customers?
Defendza has the skill set and extensive experience of working with all the major cloud service providers. As the shared-services concept gains traction, the risk of data leakage increases, with more blind spots than ever.
We perform security reviews of cloud services and solutions offered by cloud service vendors. These solutions may cover different service models such as Software-as-a-Service (e.g. Dropbox, Zendesk) or Platform-as-a-Service (e.g. Salesforce).
If your cloud-based server is unhardened or weakly configured, your business is vulnerable and you are leaving yourself open to reputational loss. The news has been full of data breaches caused by leaky S3 buckets.
"In fact, Gartner predicts that, through 2020, 95 percent of cloud security failures will be the customer’s fault."
- Gartner
The majority of infrastructure refreshes involve cloud technology to provide a safe and secure way of running business operations. The safety of these assets is a key consideration for any management team wanting to show commitment to securing its supply chain, customer information and corporate information. Our Cloud Security Service can help you assess your risks and the relevant mitigation steps to minimise the attack surface.
Irrespective of the cloud service model in use (IaaS, PaaS, SaaS), security validation is important at one or more stages of an asset's business lifecycle. Defendza offers security assessments of applications, infrastructure and configuration reviews hosted on AWS, Azure, Skyscape and virtualised environments such as VMware and Hyper-V.
We have a dedicated security assessments FAQ section. Read it here.
Defendza as a business, as well as its consultants, is equipped with some of the best-known certifications, accreditations and qualifications globally. These include CREST, the GCloud 11 Framework and ISO quality management certifications for the business, and our consultants are ex-CHECK Team Leaders/CCT Infrastructure (2012, 2015) and Web Applications (2009, 2012, 2015), OSCP (Offensive Security Certified Professional), CREA (Certified Reverse Engineering Analyst), CREA (Certified Binary Auditing Expert), CISSP (Certified Information Security Systems Professional), SANS GSEC & GCIH Silver (Hacker Techniques and Incident Handling), CCNA (Cisco Certified Network Associate) and CEH (Certified Ethical Hacker).
Conducting regular penetration assessments offers the following benefits:
Defendza Ltd is an accredited CREST penetration testing service provider. This ensures we adhere to the high technical standards and code of conduct set by CREST.
Cloud applications and technologies are growing exponentially to address the scalability, speed and reliability limitations of on-premise setups. A small misconfiguration, such as a permissions weakness, could expose a company's database or another service, putting data in full view of the internet. Defendza helps businesses ensure their cloud assets are secure before they are adopted by users.
Our cloud security offerings are based on an extensive methodology developed over years of experience working across different sectors. It is very important that a cyber security consultancy follows an approach that delivers the right return on your investment. At a high level, our approach to cloud security assessments is as follows:
This phase involves reviewing identity and access management (IAM) controls. Generally, these include checks on the use of highly privileged accounts, the use of MFA, the password policy, IAM policies, access keys and credential usage policies.
Authentication and authorization problems are prevalent security vulnerabilities. Most mobile apps implement user authentication. Even though part of the authentication and state-management logic is performed by the back-end service, authentication is such an integral part of most mobile app architectures that understanding its common implementations is important.
This area covers network security controls such as ingress and egress rule sets, flow logging, traffic restrictions and least-privilege access.
All major cloud service providers offer web services that record the API calls made in a tenant account. This information contains parameters such as the API source, call details and request/response elements. This phase includes a review of the API calls for an account, log file validation, encryption at rest, access checks (whether logs are restricted from public view and access logging is enabled), configuration management and monitoring options.
The monitoring phase is one of the critical tasks responsible for alerting the relevant contacts during an incident. It relies on the logging configuration and related parameters to ensure the right metric filters are in place. These reviews include checks of the real-time monitoring configuration and of alarms for any changes made to access control lists, security policies/groups, routing tables and related parameters.
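A configuration-review script in the spirit of the identity and logging phases above, written as an added example (not Defendza's own tooling): it runs offline over a constructed snapshot shaped like the AWS IAM credential report and a CloudTrail trail description, and the severities and the 90-day key-age threshold are assumptions for illustration.

```python
from datetime import datetime, timedelta, timezone

# Fixed clock so the key-age check is reproducible offline (assumption).
NOW = datetime(2024, 1, 15, tzinfo=timezone.utc)
KEY_MAX_AGE = timedelta(days=90)

# Constructed sample data (not a real account): rows shaped like the IAM
# credential report and one trail shaped like a CloudTrail trail description.
CREDENTIAL_REPORT = [
    {"user": "<root_account>", "password_enabled": "not_supported", "mfa_active": "true",
     "access_key_1_active": "true", "access_key_1_last_rotated": "2023-01-01T00:00:00+00:00"},
    {"user": "alice", "password_enabled": "true", "mfa_active": "false",
     "access_key_1_active": "true", "access_key_1_last_rotated": "2023-12-20T00:00:00+00:00"},
    {"user": "deploy-bot", "password_enabled": "false", "mfa_active": "false",
     "access_key_1_active": "true", "access_key_1_last_rotated": "2023-06-01T00:00:00+00:00"},
]
TRAIL = {"Name": "main-trail", "IsMultiRegionTrail": False,
         "LogFileValidationEnabled": False, "KmsKeyId": None}

def iam_findings(report, now=NOW):
    """Identity phase: root access keys, console users without MFA, stale keys."""
    findings = []
    for row in report:
        user = row["user"]
        key_active = row.get("access_key_1_active") == "true"
        if user == "<root_account>" and key_active:
            findings.append(("HIGH", user, "root account has an active access key"))
        if row.get("password_enabled") == "true" and row.get("mfa_active") != "true":
            findings.append(("HIGH", user, "console user without MFA"))
        if key_active:
            rotated = datetime.fromisoformat(row["access_key_1_last_rotated"])
            if now - rotated > KEY_MAX_AGE:
                findings.append(("MEDIUM", user, "access key older than 90 days"))
    return findings

def trail_findings(trail):
    """Logging phase: region coverage, log file validation, encryption at rest."""
    name = trail["Name"]
    findings = []
    if not trail.get("IsMultiRegionTrail"):
        findings.append(("MEDIUM", name, "trail does not cover all regions"))
    if not trail.get("LogFileValidationEnabled"):
        findings.append(("MEDIUM", name, "log file validation disabled"))
    if not trail.get("KmsKeyId"):
        findings.append(("LOW", name, "logs not encrypted with a customer-managed KMS key"))
    return findings

if __name__ == "__main__":
    for sev, subject, msg in iam_findings(CREDENTIAL_REPORT) + trail_findings(TRAIL):
        print(f"[{sev}] {subject}: {msg}")
```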
Samsung Support USA tweeted about scanning QLED TVs for malware if they are connected to Wi-Fi. After the tweet, Samsung responded that it takes security very seriously and that its products and services are designed with security in mind.
The Department of Homeland Security has issued a warning that some VPN packages from Cisco, Palo Alto, F5 and Pulse may improperly secure tokens and cookies, giving malicious actors an opening to invade and take control of an end user's system.