Case study
Until now, Tailwind Gears has paid an external company to perform security reviews of the architecture, help with threat modelling and risk analysis, and perform security testing before major releases. They have never been breached, and most of the investments so far went into network security. But now that they are leveraging more and more cloud services, they are aware that they must do something to be able to detect, respond, and recover.
The IT department has already started to use Splunk as their SIEM and ITIM solution and is integrating more and more data sources into it, but until now, the IT department could not be certain whether they would really detect an ongoing attack in real time. Tailwind Gears decides to change the way they deal with security. They talk to their security partner and plan the first red team / blue team simulation. The scenario is an inside attacker targeting the web application of our DevOps pilot teams.
The simulation takes 3 days and the...