A UST Global Company

Case Study: Healthcare ProviderApplication Risk Management

SERVICES OFFERED

CyberProof provides a robust Application Security Orchestration and Automation Platform to manage security risks across your entire application portfolio. Together with Avocado Systems, our innovation partner, we offer an advanced solution that provides continuous monitoring of software delivery pipelines, continuous Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Application layer security and protection by embedding deterministic Application Security Service functions into the application itself.

Continuous monitoring of software delivery pipelines, real-time visibility via rich dashboards and reporting

Continuous integration of Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST).

App Security: Dynamic Application Pico-segmentation

App Protection: vRASP enables frontend web and backend apps to self-protect, thwarting attempts to steal data

Keep Applications Safe: Data-Centric Audit and Protection (DCAP), Dynamic Data Masking and User Entity Behavior Analytics (UEBA)

INCEPT

Secure RequirementsHardening

Design Hardening Validate, Test MonitorApplication & DataHardening

DESIGN BUILD RELEASEQA

• National Vulnerability Database• OWASP Top 10• Nation State Threats• Domain Specific Vulnerabilities (PCI, HIPAA, etc…)

SECURITY STANDARDS AND POLICIES

www.cyberproof.com

CUSTOMER CHALLENGEEnterprise and government applications are common targets for malicious attackers. By evading perimeter security, attackers can gain a foothold inside data centers or on public clouds. Once inside, attackers usually can move unimpeded laterally to other systems (also known as ‘east-west propagation’) and steal sensitive data.

An innovative healthcare customer decided to migrate their applications from on-premises datacenters into AWS cloud. During the migration, they created a pilot environment on AWS to test their healthcare applica-tions for security robustness and compliance. During this migration, the customer noticed several intrusions and application attacks from unknown sources. They had strong sense that their applications were constantly being attacked however; they were unable to identify who these attackers were and where they were coming from.

SOLUTION - AVOCADO SECURITY PLATFORMCyberProof in partnership with Avocado Systems deployed the Avocado Security Platform in the AWS pilot environment. Avocado segmented client’s applications by dynamically grouping and segregating apps to prevent or limit penetration and the propaga-tion of potential threats laterally.

Once the Avocado Security Platform was deployed, and applications were ring-fenced in microsegments, the applications were secured. Avocado captured application attacks from various geo-locations around the world. The following report shows a detailed correlation of the applications attacked. In this case, the customer’s MySQL servers were being attacked by malicious attackers and the Avocado Security Platform was able to thwart them, capture all details on attack forensics and sent it to the customer’s SIEM for further analysis.

A UST Global Company

BENEFITSAvocado Security Platform proactively protects applications in data center or in the cloud from DDOS, Malware, APTs, Man-In-The Middle, Zero-day, Injections like SQL injections, session hijacking and spoofing attacks.

Avocado’s advanced micro-segmentation protects applications from other micro-segments and alien application entities, both inside or outside the cloud environment, including Advanced Persistent Threats and malware entities. The creation of micro-segments is fully automated without need for external intervention and policy specifications. The Avocado solution is also extendable, programmable for specific needs of multi-tenancy, business unit hierarchies, and proprietary customer-specific mapping.

mysqid IT (36) 3306 123.249.27.70 3757 4140 336

mysqid IT (36) 3306 61.143.157.115 1308 4140 336

mysqid IT (36) 3306 119.1.109.96 2568 4140 336

mysqid IT (36) 3306 123.249.27.70 4618 4140 336

mysqid IT (36) 3306 59.38.35.243 17529 4140 336

Application Name Customer / Label 1 Department / Label 2 Server IP Server Port Client IP Client port PID Total Rejections

AttackedApplication

Customer Infomasked for privacy

Customer Server infomasked for privacy

Attackers IPAddress

Persistent Threats trying to getin using different port numbers

About CyberProofCyberProof is a security services company that manages cyber risk for enterprise organizations by providing pioneering services, technologies and elite cyber skills that adapt to the evolving threat landscape. Our advanced services, algorithms and orchestration platform provides rapid response and recovery that keeps your world safe from cybercrime.

For more information visit www.cyberproof.com