Case Study on Cloud Infrastructure Security
-------
Financial Organization
A Fintech startup requested a configuration review of their AWS cloud environment.
Some Observations
- We observed multiple issues within their cloud due to misconfiguration by their developers and cloud engineers.
- Unrestricted inbound access to their environment from outside due to misconfigured Network ACLs and Security Groups
- Unrestricted outbound access from their environment
- Data is not encrypted at rest on their EBS volumes
- No backup snapshots were found
- Authentication issues with their APIs were observed in CloudTrail logs
- Performance alerts are observed in CloudWatch
- Certain necessary services that track configuration issues are not enabled
Case Study on HackView LENS
-------
Retail Organization
A retail startup requested brand monitoring of their organization from an external perspective.
Some Observations
- Leaked passwords were found on the dark web
- Old SSL/TLS versions are found on some applications
- Insecure software versions are being used
- Weak SSL ciphers are observed
- Compromised email IDs
- Leaked code in GitHub repositories
- Anonymous discussions on social media
- Exposed network ports
Case Study on Security Risk Assessment
-------
Product-Based Organization
A Fintech startup requested a configuration review of their AWS cloud environment.
Some Observations
- Unnecessary services are enabled on their servers
- Passwords are not encrypted at rest
- Logging is not enabled on critical services
- There is no authentication on APIs when integrating with other systems and applications
- Production, QA and Development environments have unrestricted network and application access
- Test data from development environment is observed on production systems
- Administrator access was provided to developers
- Default passwords are not changed on the applications
- The password policy did not meet standards
- Lack of SSL certificates on some services