Finding Security Loopholes in Cloud Infrastructure and Logs - Cyber Security Case Study

Scenario

The client approached us for DevSecOps-oriented work in which we had to review their log management system and provide periodic reports based on log analysis.

Testing methodology

SIEM tools were used to detect suspicious log entries from the infrastructure. We also helped the client set up a secure network in the cloud.

Risk Found

Web URLs were sorted by number of requests. CPU, disk, and memory utilization metrics were reported so that possible issues could be watched for. Some security breach logs were found and reported immediately.

Business Risk

We found security breach logs suggesting that the customer's VPC had been compromised. While they were taking action to secure access, their testing environment database was hacked for the same reason. But because we had detected the logs earlier, their production database stayed safe, and a business with a valuation of approx. 20 Cr was saved.