Devoteam A Cloud Consulting Offer
Based on HARPO, our own security audit tool, assess the level of technical and functional security and compliance of your cloud environments, including cloud platform, CI / CD chain, network, serverless components, containers, applications and get experiences remediation guidance from cloud security experts.
Starter Package Deliverables
- Audit report: evaluation of good practices and compliance, vulnerabilities and non-compliances with internal and external referentials (internal policy, ANSSI / CSI / CSA / AWS matrix, PCI-DSS / GmP / GDPR other national & international legislations), classified by level of criticality, list of remediation measured, grouped into a prioritized and budgeted treatment plan
- Restitution: presentation support of the results, adapted to the different target audiences (operational and decision-making teams)
- During the audit, on-the-fly knowledge transfer on good security practices and immediate alerts in case of detection of a critical vulnerability / non-compliance
- Identification of the audit scope (accounts, services, platforms..), level of depth and referents to be interviewed
- Assigning RO access rights to perform automated security tests with HARPO tool
- Providing internal referential (architecture diagram, security policy)
- Availability of referents aiming to participate in interviews
Scoping of the on-demand audit on following themes: AWS accounts, managed services, IAM, network & remote accesses, encryption, resiliency, containers, patch management, incident handling, monitoring, control disposal and security guardrails etc.
Conducting the audit: automated analyses via out in-house tool (HARPO) and interviews.
Formalization of the recommendations and action plan, validated with the operational teams (pre-restitution).
Presentation of the results of the audit during a restitution meeting and discussion on the remediation plan.
Customer Ready Solutions
Quickly and efficiently identify security vulnerabilities and non-compliance in your environment with our in-house scans customized for cloud & CICD environments. Highlight your security best practices. Benefit from a remediation plan adapted to your organization’s realities and increase the knowledge and accountability of your teams on the audited services & components.