Mitigation of Cyber Attack Risks by 98.7 percent for the MedTech Project

Business Task

To enhance the security level of the MedTech platform to comply with GDPR, NIST, and to protect the platform against hackers and the cyberattacks that have increased tremendously in 2020.

The Dysnix team's task was

• To run white and black box penetration tests of the current infrastructure
• To prepare a list of recommendations for the application to achieve the highest security level
• To consult the in-house team on how to fix the application vulnerabilities
• To build new high-secure infrastructure on AWS implementing all well-known security practices and using the most advanced technology stack
• To further maintain and conduct a regular security audit of the developed infrastructure
• To ensure early warning of possible hacking attempts

Solutions

• Build a highly-available, secure, multizone, and scalable Kubernetes-based server infrastructure on GCP with private topology
• Build a cost-effective infrastructure
• Full implementation of Infrastructure as Code using Terraform
• Design and implementation of monitoring and alerting systems with custom business metrics
• Build a log aggregation system with a user interface and alerting tools

Value delivered by Dysnix

• The building of a reproducible infrastructure applying the Infrastructure-as-Code approach. It enables the management of all the environments easily, to mitigate vulnerabilities, the human factor impact on the platform stability and security
• We mitigated cyber attack risks by 98.7 percent, and penetration tests proved this. They were held by https://www.trustwave.com
• Continuous mentoring and consultancy of the in-house team. It helped to implement all the necessary changes to enhance the security of the back- and front-end application in the short term - 1 month
• Together with the in-house team, Dysnix continues supporting the project