Infrastructure AuditWe secure and monitor your system.
Our client, who provides various software services across the globe, required vulnerability assessments for all of their software products. These software services varied based on the business, and were spread across a variety of domains. The challenge was to understand the risks in each business domain and evaluate the software based on these risks.
Tools & Technology
- Kali Linux
- Cisco VPN and Firewall
- Okta Verify
Our security experts started to evaluate the system and architecture at the client end. The evaluation consisted of understanding and mapping each and every architectural component such as networks, firewalls, servers, OS, protocols used, VPNs, etc. For infrastructure, the Cisco Firewall at the client’s end needed to be made compliant with their global security policies. We helped them setup and define the rules.
The mail communication did not have any specific rule settings, so we noted the most appropriate rule settings and helped them incorporate these changes. One of the rules included was to disallow attachments consisting of potentially harmful file extensions, such as .exe. In such scenarios, the mail sending is failed and an appropriate alert message is triggered. We also analyzed network traffic by sniffing the incoming and outgoing network traffic by using the tools Wireshark and Tcpdump.
There were major patch updates required for the underlying Windows OS, which were used in some of the servers, including service pack updates. The client used Cisco VPN, for which we added single sign on along with two-factor authentication using Okta Verify.
On the application and web servers, we disabled potentially harmful commands. The servers were connected to a firewall which had restrictive incoming and outgoing traffic. Opening web connections was disabled on all of these servers to ensure maximum security.
Once the infrastructural evaluation was complete, we started to scan the applications. We initiated static scans for all of these codes which were deployed in the UAT environment. After performing 3 days of automation testing, our team of security experts initiated a manual assessment and we submitted a complete report on the fixes that should be implemented to mitigate the issues that had been found.
A total of 5 scan cycles had to be completed for all of these applications in order to achieve a score of 92%.
After our vulnerability assessment, we continued to carry out regular and timely assessments on the client’s request. This was done quarterly to ensure the system was robust enough to handle recently identified vulnerabilities.
We regularly scanned and provided vulnerability assessments for our client. Our security experts helped in explaining the nuances of all the vulnerabilities and provided cost-effective and efficient solutions.
The client has immense trust in our services and continues to complete vulnerability assessments before each new software code or patch release. Moreover, regular vulnerability assessments have helped the client showcase their credibility and built confidence in their end-users.