Overview
HCLTech Cybersecurity & GRC Services provides a comprehensive suite of cloud-based security solutions that help enterprises mitigate cyber risks, secure their cloud environments, and achieve compliance. Its Managed Security Services leverage advanced threat intelligence, automation, and an experienced roster of skilled specialists to detect, respond to and remediate security incidents and provide continuous security monitoring and management that helps customers stay ahead of evolving cyber threats.
HCLTech’s decades of experience and cross-industry expertise in enabling resilient and dynamic cybersecurity solutions for its customers has been powered by deep investments towards our cloud security transformation capabilities. Today, HCLTech possesses the necessary range of technical and operational competencies that align with the AWS Level 1 Managed Security Service (MSSP) standards.
Client success stories
Customer profile
The client is a state government transport agency city operating out of Sydney, Australia
Busniess challenges
- Security assurance of applications while transforming and re-hosting the applications and related infrastructure on AWS
- Greenfield Cloud security design for multi cloud environment using cloud native services to the maximum possible extent which covers all aspects of security and meets “Cloud Security Alliance (CSA)” standards and best practices
- Automation and security of Dev-Ops environment.
Value delivered
- All AWS assets have the Qualys cloud agent installed, which is performing a real-time vulnerability assessment
- A total of 16.5 K vulnerabilities were fixed
- Continuous assessment and reduction of the organization's security risk
AWS Services
- AWS Native Solutions - AWS IAM, Amazon Inspector, Amazon GuardDuty, AWS Security Hub, NACL, Security Groups, AWS Shield Adv, Cloud HSM/KMS, AWS WAF, CloudWatch, etc.
Our solution
- Review of infrastructure, application, resilience, and security aspects
- We helped the client build a security framework and solutions design that adhere to “Cloud Security Alliance CSA” standards and cover all areas of infrastructure, application, and data security
- Security controls matrix and zoning model that best meet the needs of the client as per the findings of the HCLTech assessment
- In-depth analysis of the native security controls offered by AWS and multi cloud platforms to identify the strengths and weaknesses with respect to similar third- party solutions.
- Automation during the build phase, planning the build strategy using all native infrastructure as code services, such as AWS Cloud Formation Template
- Build and use of hardened and secure golden images based on CIS benchmarks.
- Usage of serverless technologies, such as Amazon Lambda to feed malicious IP information exchange to achieve faster response.
- Constructing a Centralized SIEM for monitoring and alerting on a multi cloud environment
Customer profile
The client is one of the largest banks in Europe with operations in Ireland.
Business challenges
- Deliver complete vulnerability posture of all AWS instances (6000+ AWS assets) through Qualys VM service
- Ad-hoc, weekly and monthly vulnerability reports of AWS instances
- Integration of AWS environment with Qualys and have vulnerability comprehension from AWS console itself
Value delivered
- No SLA breaches
- Seamless remediation of vulnerabilities
- Provided ongoing capture and scanning of internal and external traffic across servers to identify vulnerabilities and malicious activity.
- Provided data history for last 13 months to customer as per the requirement
- HCLTech security AWS solutions enabled enterprise monitoring across all environments for the client.
Our solution
- To find and identity weaknesses and gaps throughout the customer’s AWS infra, HCLTech offers the VERITY service.
- HCLTech employs a hybrid scanning methodology that relies on both cloud agents and AWS Scanner. The service offered is as follows:
- Executing Host Discovery scan for Subnets/IP range related to AWS
- After comparing the identified asset with the current asset inventory / CMDB, adding the asset to the Qualys platform with the appropriate Asset Tag & Group.
- Post confirmation from the HCLTech/Customer-AWS Infra team, the VM team includes newly discovered assets in the scheduled scan.
- Schedule Scans for assets based on the Asset Tag confirmed by the Client.
- Bi-weekly reports to the client's AWS team and a monthly report of all AWS assets
- Supporting the patching team in remediation actions by sharing remediation processes and workarounds for vulnerabilities that have been found.
- As part of Vulnerability Management Governance, follow up on remediation with the AWS team and monitor the vulnerability closure status.
Our solutions and offerings
The cloud today offers unprecedented scale, agility, and increased efficiency. Customers are adopting AWS cloud to accelerate digital transformation to drive tremendous speed and efficiency gains in the way businesses exchange information, collaborate and innovate. But this mass adoption of AWS cloud technology, also exposes digital businesses to newer and more sophisticated cyber threats. Enterprises need a holistic solution to securely transform their businesses has never been stronger. HCLTech’s Cybersecurity as a Service (CSaaS) precisely leverages its Borderless Security Reference Framework to empower secure AWS Cloud solutions. With HCLTech CSaaS, organizations benefit from a holistic solutions approach built on industry best practices.
Routinely scans AWS infrastructure by implementing changes and controls that increases resource inventory visibility and enables businesses to quickly achieve compliance targets such as CIS AWS Foundations, ISO 27001, HIPAA, HITRUST, MITRE ATT@CK, PCI DSS and SOC2 with automatic updates.
Our 24/7 alert and response system, ensures anytime-anywhere data security controls and monitoring of all enterprise data on AWS. With full visibility into security alerts, it consolidates the list of security events, highlights priority security events and offers expert guidance on recommended remediation.
Adds a layer of protection that enables end-to-end security across AWS endpoints that further secure containers and serverless environments and increases overall security posture. It also increases visibility and resilience to Distributed Denial of Service (DDoS) attacks.
Our dynamic model based on digital identity solution frameworks prevents unauthorized access from internal and external threats, securing privileged and unprivileged user identities across AWS networks.
Protects applications operating on AWS workloads against common exploits by deploying native and third-party controls. This enables easy application migration and secure access to applications from anywhere.