Caso Práctico
System and security engineering for the certification of a critical IS
Industry
- Aerospace & Defence
Context
- We were integrated into a project to secure an isolated IS for the "Defence & Security" domain.
Challenge
The aim was to support a team in charge of maintaining security conditions and involved:
- Implementing an automated system for auditing the compliance of the equipment;
- Rolling out an integrity check on the servers and workstations;
- Installing and configuring a Log Management solution. Implementing alerts, correlation rules and dashboards;
- Rolling out and configuring a firewall, configuring software firewalls on servers and workstations;
- Writing a library to manage users in the directory and RDBMS;
- Rolling out a HIDS on a platform and integration on the existing one.
Keys to success
- Our experience in security engineering work targeting certification;
- Our proven expertise in securing open source systems, architecture and integration of security COTS;
- Our ability of the contractor to work in a matrix organization with the support of other teams (system engineering, development and configuration management);
- Our good communication skills to champion architecture improvement proposals.