Open Source Platform Development


As part of Application Security Assurance

About the client

The client is a non-profit organization developing an open source identity platform that helps user organizations such as governments implement a digital, foundational ID cost effectively, while embracing best practices of scalability, security and privacy and harnessing the power of open source.

The Problem

  • The World Bank is promoting a citizen identity system for the citizens of underdeveloped and developing countries.
  • The platform had to be modular in architecture while also being robust, secure and scalable, so that heavily populated countries could adopt it as a cost-effective platform.
  • The application had to be developed using open source technologies.
  • The platform had to follow open standards and frameworks, with full code disclosure, to avoid vendor lock-in.

The Solution

  • We designed the high-level architecture of the core platform, along with its data flows and data security.
  • We used open source languages, frameworks and infrastructure such as Java, Spring Boot, Postgres, MinIO and Kubernetes.
  • We integrated HSMs (AWS CloudHSM, nCipher and SafeNet) for key management through the PKCS#11 and JCE standards.

Value delivered

Built with open APIs to enable interoperability and promote a culture of entrepreneurship and innovation

A standard, world-class technology platform, available for free, that can be leveraged to keep system costs low

A reliable open source identity platform designed for easy integration

Extensibility with country-specific features using a microservices/API approach

Industry

Non-Profit Organization

Team Size

08

Instruments

Java, Spring Boot, Kubernetes

Skilled SMEs for Mobile Application Security Assessment


As part of Agile Workforce

About the client

Our client is one of the largest multinational professional services organizations.

The Problem

  • The client needed to on-board 10 skilled resources in mobile application security assessment for one of their key engagements
  • The client’s internal L&D function was not able to cater to the requirement, as the need was niche, specific and time sensitive
  • The resources were required to have experience not only in mobile security testing, but also in the DevOps lifecycle and the integration of security check gates at each stage

The Solution

  • Our domain experts formulated a roadmap to source, enable and infuse 10 skilled resources in a span of 3 months
  • The resource pool had a mix of freshers, junior and senior analysts
  • The training program was customized to suit the exact need of the client and executed in a span of 3 months

Value delivered

Cyberpwn’s focused, preemptive and round-the-clock hiring of domain SMEs across skill levels helped the client build a skilled team on time

Our customized and modular training program enabled the resources to be aligned with the project needs

Our internal self-learning platforms made the customized training cost and time effective

Program management team ensured seamless execution of the program

Industry

IT/ITES

Team Size

10

Instruments

Hiring Processes
Expert Trainers
Training Content

RSA Archer eGRC Implementation


As part of Cyber Transformation

About the client

A financial services major in the UAE region. The objective of enabling the RSA Archer eGRC platform was to transform the existing IT Risk Management function.

The Problem

  • Disjointed IT Risk Management processes, running in silos across multiple legacy platforms, emails and Excel sheets
  • Lack of automation, resulting in friction and inefficiency
  • Lack of visibility into the organization-wide risk posture
  • Ineffective risk remediation and exception handling for technical vulnerabilities

The Solution

  • We collaborated with RSA to deliver a best-in-class IT Risk Management solution on the RSA Archer platform to transform the IT Risk Management function.
  • Enabled the Risk Management, Vulnerability Management and Issues Management solutions
  • Rapid deployment of the solutions and stakeholder onboarding

Value delivered

Automation of Vulnerability Management program

Centralised issues management

Unified platform to manage IT risk landscape

Executive dashboards and reports for risk aware decision making

Industry

BFSI

Team Size

04

Instruments

RSA Archer

Cloud Security Tools: CASB, CWPP & CSPM, and Use Cases


The three cloud security tools that between them cover almost every threat in cloud security are CASB, CWPP and CSPM. Let’s look at each tool and its use cases, and also explain why cloud security needs automation to succeed at scale.

Cloud Security is a suite of services to help companies in their digital transformation / cloud adoption process to achieve their security goals in public/hybrid cloud environments (IaaS, PaaS and SaaS). This suite includes the following services:

  1. Cloud Access Security Broker (CASB)
  2. Cloud Security Posture Management (CSPM)
  3. Cloud Workload Protection Platform (CWPP)

So, what is a CASB platform?

CASBs are on-premises or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. Examples of such policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, and malware detection/prevention.

USE CASES:

  • Visibility: cloud service identification, risk assessment, audit trails for forensic investigation, and e-discovery.
  • Data protection: DLP, governance and risk-based access control, data encryption and key management, tokenization, DRM, MDM, etc.
  • Threat protection: protects cloud services from malicious insiders, compromised accounts, advanced persistent threats (APTs), attacks on APIs, malware, ransomware, etc.
  • Compliance: policies for data protection, data sovereignty (data residency) and global regulations.

CWP PLATFORM

The market for Cloud Workload Protection Platforms (CWPPs) is defined by workload-centric security protection solutions, which are typically agent-based. They address the unique requirements of server workload protection in modern hybrid data centre architectures that span on-premises physical and virtual machines (VMs) and multiple public cloud infrastructure as a service (IaaS) environments. Ideally, they also support container-based application architectures.

In other words, a CWPP provides a cloud-based security solution that protects instances on AWS, Microsoft Azure, Google Cloud Platform (GCP) and other cloud vendors.

CWPP MAJOR USE CASES:

System hardening, vulnerability management, network firewalling, micro-segmentation, system integrity monitoring, application whitelisting, anti-malware scanning, exploit prevention/memory protection, server workload EDR, behavioural monitoring, etc.

What is CSPM?

Cloud Security Posture Management (CSPM) tools are fundamental to cloud security. “CSPM concentrates on security assessment and compliance monitoring, primarily across the IaaS cloud stack.” CSPM typically involves leveraging API integrations with one or more cloud providers in order to automatically discover cloud assets and their associated risks. Nearly all successful attacks on cloud services are the result of customer misconfiguration, mismanagement and mistakes. Security and risk management leaders should invest in cloud security posture management processes and tools to proactively identify and remediate these risks.

CSPM solutions are commonly used to:

  1. Identify risky configuration settings and provide visibility into the current security posture of your cloud environment.
  2. Recognize and log changes in configuration and who made them, helping to identify accidental, inappropriate or malicious changes.
  3. Maintain and provide a path to compliance with security frameworks such as CIS, NIST, HIPAA/HITECH, PCI DSS and CSF.
  4. Inventory all cloud assets across IaaS, PaaS or SaaS, and alert when new items are added, who added them, and whether they are secure and compliant.
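As an added example (not code from this article or from any CSPM product), the following Python script shows two of the CSPM behaviours listed above on a constructed inventory: rule-based checks of configuration settings mapped to placeholder framework references, and attribution of configuration drift to the actor recorded in a constructed audit trail. The resource shapes, rule names, control references and actor names are all assumptions made for the example.

```python
"""CSPM-style posture check over a constructed cloud inventory (Python 3, stdlib only)."""
from dataclasses import dataclass

# Constructed sample inventory, standing in for what a CSPM tool builds from provider APIs.
# Resource shapes and field names are assumptions for this example, not any vendor's schema.
INVENTORY_T0 = {
    "s3://payroll-exports": {"type": "bucket", "public": False, "encrypted": True},
    "sg-0a1b": {"type": "security_group",
                "ingress": [{"port": 443, "cidr": "0.0.0.0/0"}]},
    "iam-user:deploy-bot": {"type": "iam_user", "mfa": True, "admin": False},
}
INVENTORY_T1 = {
    "s3://payroll-exports": {"type": "bucket", "public": True, "encrypted": True},
    "sg-0a1b": {"type": "security_group",
                "ingress": [{"port": 443, "cidr": "0.0.0.0/0"},
                            {"port": 22, "cidr": "0.0.0.0/0"}]},
    "iam-user:deploy-bot": {"type": "iam_user", "mfa": True, "admin": False},
    "iam-user:temp-admin": {"type": "iam_user", "mfa": False, "admin": True},
}
# Constructed audit trail: who changed what between the two snapshots.
AUDIT_LOG = [
    {"resource": "s3://payroll-exports", "actor": "alice", "action": "PutBucketAcl"},
    {"resource": "sg-0a1b", "actor": "ci-runner", "action": "AuthorizeSecurityGroupIngress"},
    {"resource": "iam-user:temp-admin", "actor": "bob", "action": "CreateUser"},
]


@dataclass
class Finding:
    resource: str
    rule: str
    severity: str
    framework_ref: str  # placeholder control references, not real benchmark numbers


# Each rule: (id, severity, framework reference, predicate over (resource_id, attrs)).
RULES = [
    ("bucket-public", "high", "CIS-STYLE-STORAGE-PUBLIC-ACCESS",
     lambda r, a: a["type"] == "bucket" and a.get("public", False)),
    ("bucket-unencrypted", "medium", "CIS-STYLE-STORAGE-ENCRYPTION",
     lambda r, a: a["type"] == "bucket" and not a.get("encrypted", False)),
    ("sg-admin-port-open-to-world", "high", "CIS-STYLE-NETWORK-ADMIN-PORTS",
     lambda r, a: a["type"] == "security_group" and any(
         i["cidr"] == "0.0.0.0/0" and i["port"] in (22, 3389) for i in a["ingress"])),
    ("iam-admin-without-mfa", "critical", "CIS-STYLE-IAM-MFA",
     lambda r, a: a["type"] == "iam_user" and a["admin"] and not a["mfa"]),
]


def evaluate(inventory):
    """Return one Finding per (resource, rule) whose predicate matches."""
    return [Finding(rid, rule, sev, ref)
            for rid, attrs in inventory.items()
            for rule, sev, ref, pred in RULES if pred(rid, attrs)]


def diff_snapshots(old, new, audit_log):
    """Attribute each added, modified or removed resource to the actor in the audit trail."""
    who = {e["resource"]: e["actor"] for e in audit_log}
    changes = []
    for rid, attrs in new.items():
        if rid not in old:
            changes.append({"resource": rid, "change": "added", "actor": who.get(rid, "unknown")})
        elif old[rid] != attrs:
            changes.append({"resource": rid, "change": "modified", "actor": who.get(rid, "unknown")})
    for rid in old:
        if rid not in new:
            changes.append({"resource": rid, "change": "removed", "actor": who.get(rid, "unknown")})
    return changes


def new_findings(old, new, audit_log):
    """Drift report: findings introduced since the last scan, with the responsible actor."""
    before = {(f.resource, f.rule) for f in evaluate(old)}
    actor = {c["resource"]: c["actor"] for c in diff_snapshots(old, new, audit_log)}
    return [(f.resource, f.rule, f.severity, actor.get(f.resource, "unknown"))
            for f in evaluate(new) if (f.resource, f.rule) not in before]


if __name__ == "__main__":
    # The clean T0 snapshot yields nothing; T1 yields three new findings with their actors.
    for item in new_findings(INVENTORY_T0, INVENTORY_T1, AUDIT_LOG):
        print(item)
```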

CLOUD VISIBILITY & CLOUD SECURITY TOOL GROUPS

The figure referenced here (image source: Gartner; not reproduced) shows that if your organization is putting sensitive data in SaaS, you should deploy a CASB. If your organization is processing sensitive data in IaaS, deploy both CSPM, to assess your cloud configuration, and CWPP, to extend your workload protection to the cloud.

For cloud security to succeed at scale you need to use automation. Cloud automation ensures that human error during the set-up stage doesn’t leave your application or data vulnerable to attack. Automated monitoring is the only realistic way to ensure that your application stays as secure as possible at all times and that security vulnerabilities aren’t introduced. Continuous security and compliance are only possible with automation tools that enforce access management across the board and monitor and dynamically fix security vulnerabilities in real time. In addition, automation frees your IT team to work on the kinds of projects that can’t be automated, such as developing security strategy.

It is always recommended that the implementation of cloud security processes be a joint responsibility between the business owner and the solution provider.

SOAR Technology: Explained, Important Capabilities, SOAR vs SIEM, Key Use Cases


SOAR (Security Orchestration, Automation and Response) is a solution stack of compatible software programs that allow an organization to collect data about security threats from multiple sources and respond to low-level security events without human assistance. The goal of using a SOAR stack is to improve the efficiency of physical and digital security operations. The term, which was coined by the research firm Gartner, can be applied to compatible products and services that help define, prioritize, standardize and automate incident response functions.

“Gartner defines SOAR as technologies that allow companies to collect all types of security threats, alerts, and data from various sources and analyse and respond to them in one place. Using SOAR tools, organizations can identify and eliminate duplicates and false positives, which allows security analysts to focus on real threats most efficiently. By leveraging human expertise and the time savings afforded by automation and orchestration, decision-making and reaction times can be significantly faster”

The three most important capabilities of SOAR technologies are:

Threat and vulnerability management: It supports the remediation of vulnerabilities across their lifecycle and provides formalized workflow, reporting and collaboration capabilities.

Security incident response: It supports how an organization plans, manages, tracks, and coordinates the response to a security incident.

Security operations automation: It enables the automation and orchestration of workflows, processes, policy execution and reporting.

SOAR VS SIEM

Both SIEM and SOAR intend to make the lives of the entire security team better through increased efficiency and efficacy. While data collection is incredibly meaningful, SIEM solutions tend to produce more alerts than SecOps teams can expect to respond to. SOAR enables the security team to handle the alert load quickly and efficiently, leaving time to focus on core tasks.

Do we need SIEM, SOAR or both?

Like ice cream and cake, SIEM and SOAR are great on their own, but better together. SIEM excels at collecting and storing data in a useful form, while SOAR’s strengths lie in making use of that data, saving analysts the trouble of manually investigating and responding to each and every suspicious event they find.

KEY USE CASES

The key use cases defined for the SOAR market are: automatically resolving alerts, enabling the organization to close alerts cost effectively; gathering metrics and running reports automatically, to reduce the time security analysts spend on these activities; and security orchestration for automated defence in response to security alerts.

SOAR selection in 2019 and beyond is being driven by use cases such as:

  1. SOC optimization
  2. Threat monitoring and response
  3. Threat investigation and response
  4. Threat intelligence management
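As an added example (not from this article or from any SOAR product), this Python playbook shows the triage steps described above on constructed alerts from two sources: normalizing both schemas, collapsing duplicates of the same incident, closing a known false positive and low-severity alerts automatically, escalating the rest, and reporting the metrics an analyst would otherwise gather by hand. The source formats, IPs, rule names and the authorised-scanner list are assumptions made for the example.

```python
"""SOAR-style triage playbook over constructed alerts (Python 3, stdlib only)."""
from collections import Counter
from datetime import datetime, timedelta

# Constructed alerts from two sources with different field names, as a SIEM and an
# EDR might emit them. Hostnames, IPs and rule ids are made up for this example.
RAW_ALERTS = [
    {"src": "siem", "ts": "2024-03-01T10:00:00", "rule": "brute-force-ssh",
     "host": "web-01", "ip": "203.0.113.9", "sev": "high"},
    {"src": "siem", "ts": "2024-03-01T10:03:00", "rule": "brute-force-ssh",
     "host": "web-01", "ip": "203.0.113.9", "sev": "high"},             # duplicate
    {"src": "edr", "time": "2024-03-01T10:01:30", "detection": "brute-force-ssh",
     "hostname": "web-01", "remote_ip": "203.0.113.9", "severity": 3},  # same incident, other sensor
    {"src": "siem", "ts": "2024-03-01T10:05:00", "rule": "port-scan",
     "host": "db-02", "ip": "10.0.5.4", "sev": "medium"},               # authorised scanner
    {"src": "edr", "time": "2024-03-01T10:06:00", "detection": "new-admin-login",
     "hostname": "dc-01", "remote_ip": "10.0.9.21", "severity": 1},     # low, auto-closable
    {"src": "siem", "ts": "2024-03-01T12:00:00", "rule": "brute-force-ssh",
     "host": "web-01", "ip": "203.0.113.9", "sev": "high"},             # outside dedupe window
]

# Known-benign context a SOAR would pull from asset/CMDB enrichment (constructed).
AUTHORISED_SCANNERS = {"10.0.5.4"}
DEDUPE_WINDOW = timedelta(minutes=15)
EDR_SEVERITY = {1: "low", 2: "medium", 3: "high"}


def normalize(alert):
    """Map both source schemas onto one internal shape."""
    if alert["src"] == "siem":
        return {"source": "siem", "ts": datetime.fromisoformat(alert["ts"]), "rule": alert["rule"],
                "host": alert["host"], "ip": alert["ip"], "severity": alert["sev"]}
    return {"source": "edr", "ts": datetime.fromisoformat(alert["time"]), "rule": alert["detection"],
            "host": alert["hostname"], "ip": alert["remote_ip"],
            "severity": EDR_SEVERITY[alert["severity"]]}


def dedupe(alerts):
    """Collapse alerts with the same (rule, host, ip) seen within DEDUPE_WINDOW of the first one."""
    first_seen = {}
    kept = []
    for a in sorted(alerts, key=lambda x: x["ts"]):
        key = (a["rule"], a["host"], a["ip"])
        if key in first_seen and a["ts"] - first_seen[key] <= DEDUPE_WINDOW:
            continue
        first_seen[key] = a["ts"]
        kept.append(a)
    return kept


def triage(alert):
    """Decide an action for one alert; return (action, reason)."""
    if alert["rule"] == "port-scan" and alert["ip"] in AUTHORISED_SCANNERS:
        return "close", "false positive: authorised vulnerability scanner"
    if alert["severity"] == "low":
        return "close", "low severity, auto-closed with enrichment attached"
    return "escalate", "needs analyst review"


def run_playbook(raw_alerts):
    """Full pipeline: normalize -> dedupe -> triage, plus the metrics a SOAR would report."""
    normalized = [normalize(a) for a in raw_alerts]
    unique = dedupe(normalized)
    decisions = [(a, *triage(a)) for a in unique]
    metrics = Counter(action for _, action, _ in decisions)
    metrics["received"] = len(raw_alerts)
    metrics["deduplicated"] = len(raw_alerts) - len(unique)
    return {"decisions": decisions, "metrics": dict(metrics)}


if __name__ == "__main__":
    result = run_playbook(RAW_ALERTS)
    for alert, action, reason in result["decisions"]:
        print(f'{action:9} {alert["rule"]:16} {alert["host"]:7} {reason}')
    print(result["metrics"])
```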
Application Security Assurance


Businesses run on applications. Be it mobile, web or traditional desktop-based applications, each plays a key role in transforming the way business is done, helping organizations achieve their strategic business objectives. On the flip side, these crown jewels expose ways to access the organization’s resources, customer records, and all sorts of sensitive information. Should these be compromised, the impact on the organization would be detrimental in every respect. Evolving business demands and customer expectations, the emergence of microservices-based architecture, containerization, and cloud transformation have given rise to a complex technological ecosystem within which an application has to be built and operated.

This technological evolution has increased the attack surface of applications. But the need to deliver products at lightning speed often puts security on the back burner, and most of the time the security checks required for an application to have a minimum level of assurance remain incomplete and inadequate. Cyberpwn’s “Application Security Assurance” service takes a holistic approach to fixing this issue, not just by shifting left but by starting left. Our Application Security Assessment offering is comprehensive and covers the full spectrum of the technological landscape within which an application is built and operated.

What We Offer

Security Engineering

With the rise in demand for complex applications and the digitization of information, it is very difficult to balance security and user experience at the same time. With our years of experience, we help our customers develop applications securely at every stage of development, without having to compromise on user experience and agility.
DevSecOps is a relatively new domain that aims to secure the DevOps framework while maintaining its velocity by making security everyone’s responsibility. It integrates security seamlessly into existing CI/CD practice. Our DevSecOps service follows the “Start Left” principle and ensures security checks are embedded at each stage of the DevOps lifecycle. We can help you identify the right DevSecOps toolchain for SCA (Software Composition Analysis), SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing) and container security, get the products integrated into the DevOps lifecycle, and follow up with operational support to refine baselines. Or we can get involved earlier, to help you strategize and prepare for your DevSecOps transformation journey.

Penetration Testing

Due to the complex environment, the pressure of compliance requirements, and “zero-day” threats knocking on the door every now and then, Vulnerability Assessment and Penetration Testing (VAPT) has become an indispensable service for organizations. With years of carefully polished security test execution and threat modelling methodologies, our penetration testing services reduce software risk with results that you can trust. Our consultative penetration testing services cover web applications and network devices. An in-depth approach that goes beyond normal security scans ensures that findings are accurate and risk-prioritized, with minimal false positives. Our team is capable of detecting the full spectrum of vulnerabilities in both commercial and in-house applications across a range of operating systems and web application platforms.

01 Profile

02 Assess

03 Report

04 Remediate

Source Code Review

Secure code review is a process of manual and automated review of an application’s source code with the aim of identifying security-related weaknesses in the code. Our experts use both techniques to find and validate vulnerabilities in business logic and design, with zero false positives.

Vulnerability Management

Managing vulnerabilities at an enterprise scale can be an uphill task. Regulatory mandates make this task even more daunting. Our risk-centric Vulnerability Management program can help you run your operations in a factory model, right from the identification of vulnerabilities to their remediation.

Mobile Security

Our mobile application penetration testing methodology covers both manual and automated assessments of mobile platforms such as iOS, Android, and Windows. The focus shifts from traditional application security, where the primary threat comes from multiple sources over the Internet. The key differences lie in client-side security, filesystem, hardware, and network security, since for mobile applications the end-user is in control of the device. Mobile app testing requires deep expertise, and it can’t be treated like any other web application.
Cyberpwn has developed its own framework for mobile application testing which covers the OWASP Top 10, CWE Top 25, reverse engineering, static code analysis, privilege escalation, and application design flaws.

Cyberpwn Advantages

Application Penetration Test


As part of Application Security Assurance

About the client

Our client is a French multinational investment bank and financial services company.

The Problem

  • The bank had different invoice formats for its customers
  • The core application had file upload functionality
  • The challenge was to identify any malicious file or content upload

The Solution

  • Our security team performed security testing on the web application
  • Vulnerabilities such as privilege escalation via Insecure Direct Object Reference (IDOR) were found: any user of the application was able to perform financial transactions.
  • We provided recommendations to mitigate the vulnerabilities.

Value delivered

Executive Dashboard Reports on Critical issues

Effective collaboration between the Business & Delivery Team

Reduced Risks associated with the Application by providing On-time Remediation

Consultative Advisory on Policy Compliance & Process improvement.

Industry

BFSI

Team Size

08

Instruments

Burp Suite

Cyber Resilience


Digital transformation is happening at an unthinkable speed. Unprecedented times have led to new ways of working and given rise to heavy usage of teaming and collaboration platforms. Outsourcing services is happening at scale. The industry as we know it is going through an evolution. It’s a great opportunity for the industry to experience growth, but growth creates avenues for risks & threats. For the industry to remain on the growth trajectory, it has to be backed by a robust cyber resilience strategy, which ensures that the industry sustains negligible damage and gets back on its feet every time there is an impact. 

A constantly evolving business needs its cyber resilience strategy to run hand in hand and evolve along with it. We cannot have a next-gen business backed by aging cyber security programs. Our “Cyber Resilience” services, help you become more cyber resilient in this complex and evolving environment. We not only help you get prepared for cyber incidents and attacks through our SOC (Security Operations Centre) Consulting and IMR (Incident Management and Response) services, we also help you proactively identify gaps in your enterprise architecture and gain actionable intelligence with our Red Teaming, Social Engineering, and Threat Management services.

What We Offer

Red Teaming

Cyberpwn’s “Red Teaming” service is carried out by highly skilful resources with a deep-dive approach, using proprietary algorithms and multi-blended real-world attack simulations. Our custom-made exploit code and use of innovative techniques and technologies help organizations find the most severe vulnerabilities in their assets. Our high-quality, tailored approach helps customers become more resilient to future malicious attacks.

01 Know the effectiveness of your security controls

02 Understand the level of business risk/impact

03 Train and prepare your internal team for any future attacks

04 Identify the most critical vulnerabilities before an attacker exploits them

05 Mitigate your risk while minimizing your investments to build a solid security posture

Threat Management

Our Threat Management methodology and threat hunting experts will help you identify pervasive threats proactively and respond with accuracy and efficiency. Our experts help you reduce the noise of threat intelligence platforms and draw out meaningful, actionable intelligence to suit your needs. Our holistic approach helps you reap maximum benefit from threat intelligence, gain insight into the root cause of an incident, and hunt before being hunted. Talk to our experts and discover the steps to launch threat hunting capabilities.

Incident Management & Response

SIEM has been at the forefront of cyber security for any organization: an industry-proven technology to manage incidents, gain insight into activities, and monitor behavioural anomalies. It forms the core of a SOC (Security Operations Centre) setup and of the overall cyber incident management framework. Our “Incident Management and Response” service not only helps you set up your SIEM product from the ground up, but also helps you define and lay down processes to deal with cyber incidents throughout their life cycle. We go a step beyond and help you manage the administrative functions of your SIEM platform, such as device integration, custom parser development and rule enhancement.

X-Gen SOC Consulting / SOAR Services

Implementing a SIEM and other security tools and setting up a SOC are old-school techniques. Modern-day cyber attacks require a more efficient and automated way to deal with incidents. Organizations are working very hard to reduce MTD (Mean Time to Detect) and MTR (Mean Time to Respond) by minimizing manual tasks and bringing in automation. SOAR helps eliminate silos in security operations and brings in collaboration and efficiency. Our “X-Gen SOC Consulting” services help you realign your priorities and transform the way the traditional SOC used to function. We bring in the right set of people, processes, and products to bring singularity to your SOC operations.

Social Engineering

Phishing, spear-phishing, whaling, C-level fraud, pretexting calls, and other social engineering attacks are on the rise and continuously target the users of the organization to open the door. Attackers employ social engineering tactics to steal intellectual property, personal information, and other sensitive data such as passwords and bank account details, which can harm an organization’s reputation, cause revenue loss, or lead to legal action. Try out our customized real-life phishing exercises designed around your organization.

Why Cyberpwn

Cyber Transformation


The industry is going through an era of digital transformation. Every day, new technologies are being adopted, an enormous amount of information is being processed, new partners are being onboarded, new ways of working are being devised, and so on. While the industry is experiencing new ways of doing business, it calls for maintaining a balance between opportunity and risk.

An organization must make proactive and risk-aware business decisions to stay ahead of the curve and enable growth. Cyberpwn’s “Cyber Transformation” services can help you become more risk aware by transforming your information security programs. We help you address your risk and compliance needs in a more efficient and effective way.

What We Offer

Digital Identity Governance

Businesses are growing and crossing geographical boundaries. This expansion results in exponential growth in the number of employees, gig workers, service providers and so on, and it demands seamless access to resources without compromising the CIA (Confidentiality, Integrity and Availability) triad of any information or data that is accessed. Authentication and authorization can be a tricky affair, and managing the lifecycle of digital identities across thousands of assets can be overwhelming. The management of digital identities must be well thought out and based on a scalable framework, ensuring that access to resources is secured. Our “Digital Identity Governance” service follows the “Zero Trust” approach and helps organizations transform their identity and access management program. This mechanism allows an authorized individual to access only what they are entitled to access, and only when they need to access it.

Advisory & Risk Transformation

We understand that businesses differ, and so do their risk and compliance needs. Not having a robust risk management and governance framework often results in ineffective assessments, unreliable risk and compliance posture reporting, and non-harmonized risk communication across departments. Our Advisory and Risk Transformation service puts the business at the centre while helping you derive, define and operationalize cyber risk management programs. Our domain experts have extensive experience in designing security frameworks aligned with industry standards and with regional and industry-specific regulations. With strong technology experts backed by efficient functional SMEs, Cyberpwn offers a closed-loop approach to developing cyber risk management programs at scale.

01 Framework Maturity Assessment

02 Strategy and Program development

03 2nd Line of Defence Services

04 Technology Audit

05 Cyber Ops Support

GRC Technology Transformation

Increasing compliance mandates, technological complexities, and cultural diversification demand a unified view of risk posture across the board. Organizations can no longer afford a siloed approach to this problem and expect it to be sustainable, self-reliant and within budget. This calls for a pragmatic approach to managing enterprise risk and complying with industry regulations. Therein lies the need for a holistic GRC (Governance, Risk Management, and Compliance) framework. A robust GRC framework helps CIOs and CISOs strike a balance between protection and governance. But the dilemma is often the outcome of three problem vectors: vendor selection, product selection, and budget. On the one hand, organizations struggle to select the right vendor to design and implement their GRC solution, and failure to do so leads to the failure of the entire GRC program. On the other hand, organizations come under tremendous pressure to implement GRC programs under a limited budget, and getting the right combination of implementation partner and product becomes a daunting task. Our “GRC Technology Transformation” service helps you transform your 3 LoDs (Lines of Defence) by bringing in a cultural shift within the organization and in the traditional way of managing risk and compliance.

01 GRC Advisory

02 Technology & Transformation

03 Custom Integration

04 Managed Service

GRC Technology Transformation Methodology