Finding Security Loopholes in Cloud Infrastructure and Logs - Cyber Security Case Study
Scenario
The client approached us for DevSecOps-oriented work in which we had to review their log management system and provide periodic reports based on log analysis.
Testing methodology
We used SIEM tools to detect suspicious log entries from the infrastructure. We also helped the client set up a secure network in the cloud.
Risk Found
Business Risk
We found security breach logs suggesting that the customer's VPC had been compromised. While they were taking action to secure access, their testing environment database was hacked for the same reason. Because we had detected the logs earlier, their production database remained safe, and a business with a valuation of approximately 20 Cr was saved.