Home > Case studies

Case Study

System and security engineering for the certification of a critical IS

Security Engineers discussing how to secure open source systems
Industry
  • Aerospace & Defense

 

Context
  • We were integrated into a project to secure an isolated IS for the "Defense & Security" domain.

Challenge

The aim was to support a team in charge of maintaining security conditions and involved:

  • Implementing an automated system for auditing the compliance of the equipment.
  • Rolling out an integrity check on the servers and workstations.
  • Installing and configuring a Log Management solution. Implementing alerts, correlation rules and dashboards.
  • Rolling out and configuring a firewall, configuring software firewalls on servers and workstations.
  • Writing a library to manage users in the directory and RDBMS.
  • Rolling out a HIDS on a platform and integration on the existing one.

Keys to success

  1. Our experience in security engineering work targeting certification.
  2. Our proven expertise in securing open source systems, architecture and integration of security COTS.
  3. Our ability of the contractor to work in a matrix organization with the support of other teams (system engineering, development and configuration management).
  4. Our good communication skills to champion architecture improvement proposals.