Client Profile
The client is a digital solutions provider offering cloud-based platforms for online payments, e-GIRO services and procurement management. Founded in 2014, the company operates in Singapore and Malaysia. It supports businesses with secure transaction processing and streamlined procurement workflows that automate ordering, invoicing and payments, especially in F&B, with a focus on efficiency, financial control and real-time data for better decision-making.
Business Challenge
The client needed clear security visibility across their AWS environment and security at the application layer. They had no real-time monitoring for suspicious AWS activity, no audit tracking for administrative actions and insufficient protection against web application attacks, which increased their potential risk exposure.
LogusIMS Solution
The LogusIMS team deployed a layered security solution across the AWS infrastructure and the application edge, as detailed below:
AWS Cloud Security measures:
- AWS GuardDuty was configured to continuously monitor for and detect threats such as unauthorized access attempts, unusual API activity and compromised credentials.
- AWS Security Hub was configured to monitor AWS security controls and alert on compliance findings.
- AWS CloudTrail was configured to log all AWS account actions for auditing and investigation. This data is then used for governance, compliance and security auditing.
Application edge security measures:
- Cloudflare WAF was implemented to protect applications against OWASP Top-10 threats, bot traffic and malicious IP addresses.
- Content Security Policy (CSP) was configured at the web server level to mitigate cross-site scripting risks and data injection attacks.
- HTTP Strict Transport Security (HSTS) was configured to enforce secure HTTPS communication.
- Weak SSL/TLS ciphers were disabled to maintain strong encryption standards.