Consistency, uniformity and repeatability are key to successful security implementations. Identifying scope drift and being able to audit and report on the implementations dramatically improves compliance and reduces risk.
Xoriant experts will streamline analysis, automate incident response, and trigger rapid security actions while enhancing the impact of your human analysts. Machine-based accelerators detect, investigate and execute security actions to remediate cyber threats. These actions work with and without human intervention to identify incoming threats so your team can respond quickly and efficiently.
Enhancing Your Security Posture
Automated CyberArk Deployment and Upgrade
CyberArk helps eliminate cyber threats that use insider privileges to attack enterprise systems. For large organizations, installing or upgrading CyberArk can be very time-consuming due to the manual effort required. This service provides large-scale automation of upgrades and installations of CyberArk components, reducing IT time and labor while increasing deployment agility.
Scope of Services:
Requirements gathering and analysis
Identification of CyberArk component customizations
Identification of CyberArk component configuration
Identification of CyberArk integrations
Hardening and communications of CyberArk components inside and outside domains
Hardening and permissions to and from CyberArk components, automation tools, endpoints
Gap analysis and remediation recommendations including feasibility and remediation for any missing requirements/tools for automating installations
Automated installation of Enterprise Password Vault, Central Policy Manager, Privileged Session Manager and Password Vault Web Access
Automated upgrade of all CyberArk components
Customization and integrations required as an add-on service (independent needs-based SOW)
Automated Account Hardening - AWS
Before your AWS account can be used for application workloads, a collection of configuration steps must be executed for each provisioned account. Automating the entire configuration using various AWS services, as well as Jenkins and Python, ensures that all steps are executed. Any risk to the AWS infrastructure is mitigated by following AWS best practices and CIS Level 2 standards. The solution also provides a high level of resource and security isolation with help from AWS Identity and Access Management (IAM).
Scope of Services:
Information gathering and assessment of existing AWS infrastructure
Security risk gap analysis and reporting on assessment findings
Enforcement of policies based on AWS best practices and CIS standards e.g. Password Policy of default network components, etc.
Auto-remediation of vulnerabilities using serverless security services
Intelligent threat detection and auto-remediation
Consistent resource deployment approach to all organization accounts
Automated Account Hardening – Azure
A series of configuration steps must be executed for each provisioned Azure account before it can be used for application workloads. The automated configuration uses various Azure services, Terraform, and Ansible to help ensure that all the required steps are taken. Any risk to the Azure infrastructure is reduced by following Azure best practices and CIS Level 2 standards. Azure Policy and Azure AD help to maintain a high level of resource and security isolation.
Scope of Services:
Information gathering and assessment of existing Azure infrastructure
Security risk gap analysis and reporting on assessment findings
Enforcement of policies based on Azure best practices and CIS standards e.g. Azure Policy, VPC Flow Logs, removal of default network components, etc.
Auto-remediation of vulnerabilities using serverless application security services
Intelligent threat detection and auto-remediation
Consistent resource deployment across all organization accounts
Automated Just-in-Time Access Management
Customers struggle to manage the massive amounts of data in production systems while avoiding the serious risks incurred if access is not strictly controlled. However, troubleshooting production incidents requires giving temporary access to support teams. New projects may also require temporary access for entities internal or external to your controlled systems. In most cases, admins provision access manually, which can result in errors or situations where access is not revoked automatically on expiry, which is another serious risk.
Implementation of just-in-time access for your environments (single, multi-cloud, or hybrid) addresses these challenges, improves turnaround times, auto-scales access, secures credentials, and provides an access management audit trail to ensure better control across all environments.
Scope of Services:
Deploy a serverless access provisioning framework
Configure Vault / Secret Managers depending on the cloud platform
Configure the integrations/workflows in request management systems, e.g. Jira / Remedy / ServiceNow
Configure audit and log shipping to SIEM
Customize framework as needed
Advanced Threat Defense and Threat Intelligence Exchange
Implementation of ATD helps counter zero-day attacks, enables AI/ML smart automation features, and provides an on-prem TIE server for faster threat response and remediation.
Scope of Services:
Implementation of on-prem threat intelligence
Integration of all security modules for inter-communication with all security products using the OpenDXL layer
Automated response and remediation with EDR components