Client Profile
Our client is a Singapore-based fintech, public company that provides digital payment solutions for businesses in Southeast Asia (Singapore, Malaysia, Indonesia and Thailand), ensuring reliable, responsive and secure payment transactions. Their offerings include merchant payment processing (online and offline transactions), digital commerce enabling and sales & rental of smart point-of-sale (POS) terminals.
Business Challenge
Majority of the digital infra was on AWS cloud and the client was not sure of security vulnerabilities that existed in the system. Client wanted a thorough assessment of security vulnerabilities to be carried out confirming to industry standards and closure of the findings to ensure robust digital platform for their business.
LogusIMS Solution
LogusIMS suggested a scheme of vulnerability assessment and remediation measures through step-by-step approach as detailed below:
Step-1: Identification of security standards:
Following 3 security standards were identified to ensure compliance:
- PCIDSS 4.0.1
- CIS AWS Foundations Benchmark
- AWS Foundational Security Best Practices (FSBP)
Step-2: Execution of vulnerability assessment tool:
This step was carried out as detailed below:
- By using AWS Config tool, all the child accounts (where actual AWS instances are running) are configured under AWS ‘Audit’ account
- AWS tool, security hub CSPM was configured to run on Audit account by LogUs IMS team
- Infra level report of findings & breaches was generated by running the CSPM tool
Step-3: Analysis and Remediation:
- Security findings report was carefully analyzed based on findings’ grade (critical, high, medium, low) by LogusIMS
- Appropriate remediation was planned in compliance with security standards listed above
- Client’s approval was sought to implement remediation measures w.r.t few findings
- Planned remediation measures were implemented by LogusIMS team and CSPM tool was rerun to ensure closure of gaps