Contact Us
Contact Us
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Subscribe to our newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Cloud Configuration Review

If your cloud-based server is unhardened or weakly configured, your business is vulnerable, and you’re leaving yourself open to loss of reputation. The news has been full of data breaches due to leaky S3 buckets. 

Find out more
Complete this form to get in touch

Are you happy for Defendza to keep you informed on the latest developments in cyber security (attack reports, guidance, DIY articles)? Of course you can unsubscribe at any time. Please see our privacy policy

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Overview

Whether it is AWS, Azure or any other cloud provider, there is a huge range of services relating to computing and storage, content delivery, network and security management.  Majority of the times, the use of cloud services is internal to the organization or as a service to its customers. 

A configuration review is authenticated and checks for security baselines, identifying risks in your network from both internal sources and external threat actors. Reviews are usually carried out on new deployments before the production release, or during infrastructure revisions.

Why do secure cloud configuration review?

The underlying cloud provider's environment is always out of our remit: what a cloud tenant needs is to make sure that their platform configuration, application code or any assets deployed within this environment are free from security risks. Defendza’s review system ensures this. For instance, top issues around AWS checks include:

  • S3 bucket configuration flaws
  • AWS IAM keys security
  • Cloudfront misconfiguration/bypass
  • Logging and Monitoring (Cloudtrail)
  • Insecure Permissions, Privilege Management

Methodology

Network Security

This area involves checks around network security controls such as ingress, egress rulesets, flow logging, traffic restrictions, and least access privileges.

Monitoring

The monitoring phase is one of the critical tasks responsible for alerting relevant contacts during an incident. This involves reliance on the logging and related configuration parameters to ensure right metric filters are in place. These reviews include checks for real-time monitoring configuration, alarms for any changes made to access control lists, security policy/groups, routing tables, and related parameters.

Logging API Calls, Events

All major cloud service providers offer web services that record API calls for tenant account. This information contains various parameters such as API source, calls details, requests/response elements. This phase includes a review of API calls for an account, log file validation, encryption at rest, access checks if logs are restricted from public view and access logging, configuration management and monitoring options.

Identity and Access Management

This phase involves reviewing identity and access management related controls. Generally, these include checks on the use of higher privilege accounts, use of MFA, password policy, IAM policies, access keys and credentials usage policies. 

Want to discuss cloud security concerns?
Call Us Now

Why Defendza ?

Focus on Customer Business

Cyber security is a business enabler. We make sure we understand your business and its needs so that we can help you grow your business in the certain knowledge that it’s protected.

Custom tools and scripts

Apart from the range of commercial and open source tools available for specific testing, our team has its own custom scripts for efficient testing. We provide accurate results to make sure our clients completely understand any vulnerabilities we report.

In-house experts

Our teams are led by veteran security consultants accredited by CREST standards for the last several years. Our experience shows that our clients are best served by giving them the right advice for their cyber security needs. We do not believe in spreading fear, uncertainty and doubt to generate more business.

Key Benefits

Our network security team is waiting
Call Us Now

Testimonials

"My experience to date with Defendza has been very positive, I look for a flexible, knowledable security "partner" when I engage a PT firm. Pentest means many things to many people and there are many different use cases for both the testing activity and the report generated and I need someone to work with me to get the absolute best value out of my security budget."

Information Security Officer
Insurance Group

Excellent people to work with. Very good knowledge of requirement and give us correct findings with excellent remedy to improve our security for our B2B portal site."

Head of Technical & Business Improvement
Leading Pharmaceutical Manufacturer

"I thought it was a highly professional and thorough exercise and I would have no hesitation recommending Defendza to any of my connections."

Director, Software Engineering
Global Information and Analytics Company

"Good personal service. We are delighted with the work Defendza did for us. Highly recommended."

CTO
Manchester headquartered Global Fashion Brand

"Extremely satisfied with approach, speed and end results. Thanks."

COO
International fashion label and store

"My experience of the Defendza team was 5 star.  They were so helpful, and their technical delivery and client communication were excellent."

Director, Software Development
Corporate Services Company

Resources

Manufacturers Can’t Afford the Cyber Risks

09/06/2019

Much of the manufacturing industry has failed to take proactive steps to defend against cyber attacks—which is a notable problem considering the growing threats the industry faces