Cyber Security
Cyber Security Advisory Services
Value Proposition
- Evaluation and Product Fit Report
- Design & Implementation Documents
- Architecture Diagrams
- Standard Operating Procedures and Play Books
- User Guides and Install Guides
- Validation and Testing Documentation

Help in the Design, Architecture and Deployment of Security Products and Solutions.
Approach

Security Product Evaluations
Perform proof-of-concept activities to evaluate the product fit as per the organization requirements.

Solution Implementation

Validation and Testing
Happy clients
Finished projects
Skilled Experts
Media Posts
Our projects make us proud

CST
Scope of Engagement
- Identify the need for security products in the organization
- Procure the right product
- Vendor management
- Design, architecture and produce implementation plans
- Solution Implementation and testing
- Performance tuning

Our Best Services
Our Resources
Some Case Studies and Customer’s Success Stories
Case Study on Cloud Infrastructure Security
Financial Organization
A Fintech startup requested a configuration review of their AWS cloud environment.Some Observations
- We observed multiple issues within their cloud due to misconfiguration by their developers and cloud engineers.
- Unrestricted inbound access to their environment from outside due to Network ACLs and Security Groups misconfigurations
- Unrestricted outbound access from their environment
- Data is not encrypted at rest on their EBS volumes
- Backup snapshots are not found
- Authentication issues of their APIs are observed in CloudTrail logs
- Performance alerts are observed in CloudWatch
- Certain necessary services are not enabled that tracks the configuration issues
Case Study on HackView LENS
Retail Organization
A retail startup requested for Brand Monitoring of their organization from external perspectiveSome Observations
- Passwords are leaked and found in dark web
- Old SSL/TLS versions are found on some applications
- Insecure software versions are being used
- Weak SSL ciphers are observed
- Compromised email ids
- Leaked code in github repositories
- Anonymous discussions on social media
- Exposed network ports
Case Study on Security Risk Assessment
Product Based Organization
A Fintech startup requested a configuration review of their AWS cloud environment.Some Observations
- Unnecessary services are enabled on their servers
- Passwords are not encrypted at rest
- Logging is not enabled on critical services
- There is no authentication on APIs when integrating with other systems and applications
- Production, QA and Development environments have unrestricted network and application access
- Test data from development environment is observed on production systems
- Administrator access was provided to developers
- Default passwords are not changed on the applications
- Password policy was not met according to standards
- Lack of SSL certificates on some services

Our Approach
In many organizations, Cyber Security Risk is evaluated in silos. Assessing risk in silos does not give a full perspective of the risk associated with an application as the risk is inter dependent on various factors and has to be looked into holistically by correlating the risks from multiple sources and the dependencies between them.
We at CST would like to change that paradigm by correlating the issues from various inputs and use our intelligent methodology to provide a Holistic risk view to your applications and to your environment as a whole.
