- Client: SingPost
- Date: 2017
- Skills: Cloud Security, AWS Expertise
SingPost also implements custom solutions as requested by the client. E-commerce hosted Security is a part of the Information Security framework and is specifically applied to the components that affect e-Commerce including Data security and other wider realms of the Information Security framework. E-Commerce security is the protection of eCommerce assets from unauthorized access, use, alteration, or destruction. Dimensions of e-Commerce security include Integrity, Non-repudiation, Authenticity, Confidentiality, Privacy, Availability.
- AWS CloudFront to serve static and dynamic web content and to reduce latency to end user and speeds up distribution.
- Lambda Functions to update IP’s which crossed the threshold limit of the requests which protect eCommerce websites from DDOS attacks.
- Lambda Functions to update CloudFront IP’s on ALB security groups which helps in restricting access from public.
- Security Monkey to perform continues audit on CloudTrail logs and policy changes, in case of any abnormal activity it will trigger an email to DevOps/support team.
- AWS Config rules on all supported services which helps to audit and evaluate configurations and keep a record of all configuration to review changes in account.
Graylog2 setup for centralized logging, monitoring, and SIEM.
Moving forward, as it progresses to the web servers, where the Deep Security Agents are installed. The Deep Security solution provides comprehensive protection, including:
- Deep packet inspection enabling Intrusion detection and prevention (IDS/IPS), web application protection, and application control
- Stateful firewall
- File and system integrity monitoring