Get a complimentary pre-penetration test today. Check if you qualify in minutes!

Cloud Security Assessment

Description

Client: Vistra

Category: Product Security

Date: 28 April 2023

Client Background

Vistra is a well-known service provider with a functional reach in many places all over the world. Through fund administration and other corporate services, the company is committed to assisting businesses in improving. By offering support for hiring additional employees, entering new markets, and increasing productivity, it aids its clients in accelerating their growth. In general, it aids businesses in structuring their operations more effectively.

Before they met us

Vistra helps companies to structure their business more efficiently by allowing them to improve through its fund administration and other corporate services.

Vistra’s Cloud environment was showing signs of potential security issues.
We needed to hit the vulnerabilities and determine their impacts.
The main objective of the cloud was to secure the cloud infrastructure to avoid any unwanted incidents.

How We Addressed the Problem?

For the client's cloud environment, we carefully developed a vulnerability assessment and penetration testing approach.
Our team gathered all the data required to address the problems obstructing Vistra's operations.
To evaluate the effects of each vulnerability and offer solutions, we conducted thorough penetration testing.

Methodologies Used

CSPM, SSPM, OSSTMM and PTES,
Standards like NIST and ISSAF
Preparing a Security Audit Report (SAR)

Tools used

<img src="https://i0.wp.com/rsk-cyber-security.com/wp-content/uploads/2022/04/Chat.png?fit=42%2C42&ssl=1">

AWS CLI: to manage and automate AWS resources

<img src="https://i0.wp.com/rsk-cyber-security.com/wp-content/uploads/2022/04/Supervised-user-circle.png?fit=42%2C42&ssl=1">

Prowler: to audit AWS configurations.

<img src="https://i0.wp.com/rsk-cyber-security.com/wp-content/uploads/2022/04/Speed.png?fit=42%2C42&ssl=1">

AWS Consoler: to navigate and interact with the client’s AWS infrastructure.

<img src="https://i0.wp.com/rsk-cyber-security.com/wp-content/uploads/2022/04/Group.png?fit=42%2C42&ssl=1">

AWSENUM: for enumerating AWS resources

Scout suite: to scan for misconfigurations, vulnerabilities, and compliance issues.

Results and Recommendations

<img src="https://i0.wp.com/rsk-cyber-security.com/wp-content/uploads/2022/04/Chat.png?fit=42%2C42&ssl=1">

Vistra’s cloud environment was loaded with vulnerabilities having the potential to completely take down its infrastructure.

<img src="https://i0.wp.com/rsk-cyber-security.com/wp-content/uploads/2022/04/Speed.png?fit=42%2C42&ssl=1">

They were not in line with the necessary cloud security and compliance requirements.

<img src="https://i0.wp.com/rsk-cyber-security.com/wp-content/uploads/2022/04/Supervised-user-circle.png?fit=42%2C42&ssl=1">

We delivered them a complete list of vulnerabilities with their impacts. Plus, we suggested Input Validation and Logout implementation.

<img src="https://i0.wp.com/rsk-cyber-security.com/wp-content/uploads/2022/04/Group.png?fit=42%2C42&ssl=1">

We did a complete review of their security policies and controls and provided recommendations to eliminate vulnerabilities.

Related Case Studies

API Penetration Testing

Web Application Pen Testing

Cloud Security Assessment

External Penetration Testing

Get Secured Today

Request an audit

Locate Us

Headquarter Anerley Court, Half Moon Lane, Hidenborough, Kent, TN11 9HU,
UK.
Contact: +44(0) 1732 833111

UAE Concord Tower, 6th Floor, Dubai Media City, 126732
Dubai, UAE.
Contact: +971 (0) 4 454 9844

USA 580 Fifth Avenue, Suite 820
New York, NY 10036
USA.

India Plot No.14, 5th Floor, Sector-18, Gurugram -122015 Haryana,
India.
Contact: +91(0) 124 4201376

Products

Solutions

What We do

Know More

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Others

+44 789 707 2660

We'd Love to Hear From You