System and security engineering for the certification of a critical IS
We were integrated into a project to secure an isolated IS for the "Defence & Security" domain. The aim was to support a team in charge of maintaining security conditions and involved:
- Implementing an automated system for auditing the compliance of the equipment;
- Rolling out an integrity check on the servers and workstations;
- Installing and configuring a Log Management solution. Implementing alerts, correlation rules and dashboards;
- Rolling out and configuring a firewall, configuring software firewalls on servers and workstations;
- Writing a library to manage users in the directory and RDBMS;
- Rolling out a HIDS on a platform and integration on the existing one.
Keys to success
Our experience in security engineering work targeting certification.
Our proven expertise in securing open source systems, architecture and integration of security COTS.
Our ability of the contractor to work in a matrix organization with the support of other teams (system engineering, development and configuration management).
Our good communication skills to champion architecture improvement proposals.