IT Security Review for Consulting Firm

Problem Statement

Customer was required to conduct an independent security review of its application and cloud infrastructure as part of its contractual obligations.

Services Delivered

  • Conducted a security architecture review of the cloud environment and provided recommendations
  • Conducted Application Security Assessments, identified issues and provided recommendations for mitigation
  • Performed a security focused static code review of the in-scope APIs/ Services/ Interfaces
  • Conducted VAPT for network, storage and compute elements of cloud infrastructure, identified vulnerabilities and provided recommendations for mitigation
  • Reviewed the SDLC practice and provided recommendations for enhancing the security controls
  • Reviewed the cloud security framework against CSA STAR controls, identified gaps and provided recommendations

Value Provided

  • Provided the client with a security assessment report, which was high-level in nature to validate the implementation of key controls to protect confidential information
  • Provided roadmap to mitigate key risks and extended support for remediation
  • Provided roadmap to achieve CSA STAR certification
Article Written by
crossmenu linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram