Resources

Some Case Studies and Customer’s Success Stories

Some Case Studies and Customer’s Success Stories

Case Study on Cloud Infrastructure Security

A Fintech startup requested a configuration review of their AWS cloud environment.

We observed multiple issues within their cloud due to misconfiguration by their developers and cloud engineers

Unrestricted inbound access to their environment from outside due to Network ACLs and Security Groups misconfigurations

Unrestricted outbound access from their environment

Data is not encrypted at rest on their EBS volumes

Backup snapshots are not found

Authentication issues of their APIs are observed in CloudTrail logs

Performance alerts are observed in CloudWatch

Certain necessary services are not enabled that tracks the configuration issues

A retail startup requested for Brand Monitoring of their organization from external perspective

Passwords are leaked and found in dark web

Old SSL/TLS versions are found on some applications

Insecure software versions are being used

Weak SSL ciphers are observed

Compromised email ids

Leaked code in github repositories

Anonymous discussions on social media

Exposed network ports

A Fintech startup requested a configuration review of their AWS cloud environment.

Unnecessary services are enabled on their servers

Passwords are not encrypted at rest

Logging is not enabled on critical services

There is no authentication on APIs when integrating with other systems and applications

Production, QA and Development environments have unrestricted network and application access

Test data from development environment is observed on production systems

Administrator access was provided to developers

Default passwords are not changed on the applications

Password policy was not met according to standards

Lack of SSL certificates on some services