aricoma logo avatar

#1 in Enterprise IT

Cloud security

We know how to protect your data in a digital environment. We have solutions to provide a secure and reliable cloud for your data, your users and your entire organisation.

Our solution

We specialize mainly in the security of cloud platforms from Amazon (AWS) and Microsoft (Azure), for which we have a trained and certified team of specialists with extensive experience not only in the cloud environment, but also in the field of ethical hacking.

Cloud Security Assessment
Cloud Outer Perimeter Security. An assessment of the security of your cloud infrastructure exposed to the public internet to identify potential threats and risks, allowing attackers to infiltrate or exfiltrate corporate data and other sensitive information from your cloud environment.

Compliance testing against security standards. Verify the current configuration state of your cloud environment against commonly known recommendations based on the CIS benchmark or against sets of security metrics from the cloud service providers or the community themselves.

Configuration audit of selected services.
Overall verification of the current configuration of selected cloud services against a range of individual "best-practice" and security recommendations. Both using automated tools and enumeration frameworks, as well as a large proportion of manual tests and partial configuration verifications, in order to identify configuration gaps and propose optimal solutions.

For the security of your cloud environment, we recommend regularly checking its configuration to make sure it is in line with your business requirements. Cloud Security Assessment gives you the opportunity to remove unnecessary users, roles, groups and IAM policies, ensuring that your users and software have only the necessary permissions to do their required jobs.​

Detailed description

Outer perimeter cloud security
  • Identify IP ranges of cloud infrastructure.
  • Enumeration of running services and their versions.
  • Exploitation of found vulnerabilities.
  • Realistic simulation of an attacker from the Internet (blackbox test).
  • Identification of potential leaks of sensitive data and access.
  • Detection of vulnerabilities due to misconfiguration of services. 

Compliance tests according to safety standards
  • ​Getting the most current configuration state.
  • Verification against CIS/PCI-DSS/HIPAA.
  • Evaluation of compliance or non-compliance with the selected benchmark.
  • Proposed solutions for the findings. 

Configuration audit of selected services
  • ​Decide for yourself which cloud services will be fully tested.
  • We draw on a range of best-practice recommendations beyond the normal compliance tests. We utilize a variety of sources (Azure/AWS documentation, the security community, our own experience, and others) to offer you best in class solutions.
  • We offer a balance of manual and automated configuration auditing by our qualified specialists for selected native cloud services.​
Our Cloud Security Assessment generally involves examining the security of your cloud solution in a number of areas, uncovering various configuration flaws and providing you with a number of recommendations to maximize security that exceed these areas:​
  • identity and access management, 
  • virtual private cloud, 
  • databases, 
  • network security groups, 
  • advanced threat protection, 
  • encryption, including key and password storage security, 
  • application security, 
  • storage security, 
  • patching and instance management, 
  • tracking and monitoring configuration changes, and many other cloud sub-areas.

Benefits

  • When analysing configurations, we emphasize manual reviews that lead to the discovery of more errors than the conventional automated solutions. 
  • We enable detailed security audits by combining several security disciplines. 
  • We have the solutions to provide a secure and reliable cloud for your data, users and your entire organization.
  • We are one of the most established market leaders, offering know how to protect your data in a digital environment.
  • We listen to our clients and tailor our services to their needs and time constraints. 
  • We build our services on years of experience and time-tested standards.​​
Share

DO NOT HESITATE TO
CONTACT US

Are you interested in more information or an offer for your specific situation?

By submitting the form, I declare that I have familiarized myself with the information on the processing of personal data in ARICOMA.