Leveraging our background in financial services and enterprise IT, RedBear has had a strong interest in Cloud security aspects since our initial cloud migrations. A security first approach has become central to implementations and integrations. As we started our Cloud managed services in 2015, we began with Cloud penetration testing and more in-depth Cloud security and cyber security aspects. This has now evolved to become our ‘superpower’, recognised as one of the most capable Cloud Security firms in the region providing Cloud security related assessments, remediation, hardening and managed services of Cloud hosted applications and workloads and the underlying infrastructure.
RedBear provides a series of connected cybersecurity services to allow RedBear clients to attest too or migrate towards a modern Information Security Continuous Monitoring (ISCM) cybersecurity system as outlined by NIST (National Institute of Standards and Technology). The RedBear continuous Cyber Security Monitoring 24/7 platform as configured is compliant to Australian financial sector expectation of privacy and strong data security measures.
RedBear leverages the overall NIST framework for our services offerings and relevant demarcation of the hand off points where several teams are involved across multiple parties.
The RedBear’s Cyber Security monitoring and management services offering are customised to suit specific client environments and workloads.
Cloud Security Assessment
What would be the impact if your database was compromised? What consequences would you face if a malicious outsider gained access to your cloud environment? How can you be sure there is not a misconfiguration in the infrastructure? Ensuring cloud security begins with a Cloud Security Assessment.
RedBear’s Cloud Security Solutions can help your organization feel at ease that your hosting environment is secure and that you are able to provide the services you’ve promised to your clients. We are experts when it comes to auditing the cloud and provide the right AWS Cloud Security Solutions to your business.
Companies are realising the benefits of moving infrastructure and services to the cloud but often without fully understanding the security implications. Penetration testing is the process of simulating real cyber-attacks against your own systems in order to discover potential security holes that attackers can take advantage of.
Our cloud security penetration test will identify deficiencies in cloud security architecture, identify vulnerabilities in applications and provide recommendations to improve security of your cloud system.
Undertaking cloud specific penetration testing by a team that understands cloud is important as cloud infrastructure is different to traditional security paradigms.
At RedBear, we’re committed to building partnerships with clients. More companies are adopting the cloud. However they can’t overlook the need for Cloud specific data security, effective network testing and robust information security strategies.
Compliance in the cloud is critical because data-driven organisations and not cloud providers are responsible for due diligence such as protecting personally identifiable information and health, legal and financial data.
We can assess the compliance requirements of your Cloud environment and provide a detailed report. From there, we can remediate any issues that have been identified or assist your team in the process.
Rapidly responding to security events is critical to ensuring the security of your customers and their data. Security starts with visibility of your environment – from the underlying services through to your business applications. Modern Cloud platforms offer deep instrumentation resulting in billions of events that need to be processed and assessed for potential incidents. RedBear works with a number of Cloud focussed modern solutions to help our customers gain build a Cloud hosted SIEM solution covering the following.
- Ingestion of source data from Cloud platforms (AWS and Azure), SaaS solutions (such as Microsoft 365), network devices, collaboration tools and business applications. Ingestion includes the development of custom processing as required for volume efficiency or to derive specific information required to determine the threat category;
- Use machine learning and analytics to identify unusual or suspicious activity in the environment;
- Using threat intelligence to enrich events and reduce false positives;
- Provide dashboards for trend analysis and overall status;
- Integration of alerting on suspicious behaviour into existing IT management solutions, such as ServiceNow and Jira, to allow for investigation and remediation.
- Enable auto-remediation of known issues for Cloud environments.
With an ever evolving threat landscape, and a shortage of appropriately skilled and trained security personnel, organisations are more and more relying on Security Orchestration, Automation and Response (SOAR) to rapidly response to known threats. RedBear maintains a library of auto-remediation actions that can be enabled for Cloud environments, reducing resource requirements, speeding time to resolution and, of course, operating 24×7!
With dynamic Cloud environments, environments and endpoints can be ephemeral in nature, often living for only hours or days. Visibility of these environments remain crucial to ensure the security of your customers and their data. Traditional models of service tickets for changes no longer work in dynamic environments. RedBear’s automation includes auto-discovery of new endpoints and their integration into the SIEM solution.
One of the easiest things you can do to enhance the security of your environments is to keep them regularly patched. With diverse environments and limited resources, it can be challenging to know where to focus your patching efforts. Vulnerability Management can be implemented to understand the risk and exposure of your key assets, covering both operating system and application component dependencies. Vulnerability management of your environment will ensure that key environments are appropriately patched and that new vulnerabilities are flagged and remediated in a timely manner.
Regular security testing and threat modelling of your business workloads and their environment is key to understanding potential vulnerabilities that can be resolved through code or configuration changes. Having the capability to pro-actively test during the development lifecycle and once in the production environment allows you to reduce risk and deliver changes faster and more securely. Adding automated security testing into your pipeline will reduce the cost of resolving any defects before they become a problem.
HRG Australia is the Australian division of an international corporate travel services company. The international roll out of a new key business application was a miss match with existing regional IT infrastructure and systems.
RedBear IT saved approximately $1 million in planned capital expenses to satisfy new application requirements.
– Steve Ash from HRG Australia