Mitigation of Cyber Attack Risks for the MedTech Project

Mitigation of Cyber Attack Risks by 98.7 percent for the MedTech Project

ExplORer Surgical focuses on real-time surgical procedure data acquisition and management. The ExplORer system is a workflow management tool designed to manage tasks and tools for surgical teams.

They help surgical teams coordinate their tasks and tools by providing interactive workflow management software for use during surgical operations.

Business Task

To enhance the security level of the MedTech platform to comply with GDPR, NIST, and to protect the platform against hackers and the cyberattacks that have increased tremendously in 2020.

  • The Dysnix team's task was

    • To run white and black box penetration tests of the current infrastructure
    • To prepare a list of recommendations for the application to achieve the highest security level
    • To consult the in-house team on how to fix the application vulnerabilities
    • To build new high-secure infrastructure on AWS implementing all well-known security practices and using the most advanced technology stack
    • To further maintain and conduct a regular security audit of the developed infrastructure
    • To ensure early warning of possible hacking attempts
  • Solutions

    • Build a highly-available, secure, multizone, and scalable Kubernetes-based server infrastructure on GCP with private topology
    • Build a cost-effective infrastructure
    • Full implementation of Infrastructure as Code using Terraform
    • Design and implementation of monitoring and alerting systems with custom business metrics
    • Build a log aggregation system with a user interface and alerting tools
  • Value delivered by Dysnix

    • The building of a reproducible infrastructure applying the Infrastructure-as-Code approach. It enables the management of all the environments easily, to mitigate vulnerabilities, the human factor impact on the platform stability and security
    • We mitigated cyber attack risks by 98.7 percent, and penetration tests proved this. They were held by https://www.trustwave.com
    • Continuous mentoring and consultancy of the in-house team. It helped to implement all the necessary changes to enhance the security of the back- and front-end application in the short term - 1 month
    • Together with the in-house team, Dysnix continues supporting the project