

Services
Security | Cloud | Automation


COMPLIANCE MONITORING
Be ready to pass compliance audits easily and monitor your environments to be continuously compliant over time:
​
- Compliance certifications: CIS, PCI, SOC2, NIST, ISO27000, Cyber Essentials +
- Compliance reports
- Compliance assessment
- Compliance scope definition
- Security and compliance benchmark monitoring
- Custom serverless functions to monitor and report

SECURE CI/CD PIPELINES
Design and implement secure pipelines for software, infrastructure and golden images:
​
- Secure software development practices
- Secure repositories access control
- Secure Git workflows
- Security testing (SAST and DAST)
- Vulnerability scanning of containers and libraries
- PoLP (principle of least privilege)
- Secrets management with auto-rotation



KUBERNETES SECURITY
Improve the security, monitoring and compliance of your applications running in Kubernetes clusters:
​
- kubectl security (k8s API)
- RBAC authentication
- QoS (Quality of service)
- Secrets management
- TLS
- Pod security (PodSecurityPolicy and
- PodSecurityAdmission)
- Network policy (networkPolicy and mTLS)
- Node security etcd security and encryption
- Ingress controller security
- Container runtime with stronger isolation
%20(1).png)
CYBER SECURITY ARCHITECTURE
Design or Review your cloud architecture from a security perspective and analyse risks based on threat vectors in your application architecture design, such as:
- Private versus public resources
- Network firewall rules revision
- Monitoring and logging centralisation
- WAF (web application firewall) integration
- API security
- Secrets management (credentials, private keys and certificates)
- Ensure PoLP (principle of least privilege)
- Encryption in transit and at rest
- Distributed services security
- Serverless application security


.png)
SECURITY OPERATIONS CENTRE (SOC)
Take advantage of built-in cloud-native security tools or integrate outsourced SIEM platforms to your cloud for a holistic view of cyber security risks:
​
- WS: Config, Security Hub, Guard Duty, Cloud Trail, IAM, S3 access logs and encryption, VPC flow logs.A
- Azure: Sentinel, IAM, Security Centre.
- Cloud agnostic tools: Alienvault, Splunk SIEM, Alert logic, etc.

DISASTER RECOVERY
Easy Disaster Recovery with Infrastructure as Code and well-defined data backups:
​
- Hot-Cold production environment
- IaC with Terraform, Cloud Formation or Azure ARM
- Data backup (DB, S3, secrets, etc.)

Get in
Touch
We’re happy to hear from you. Get in touch today to learn more about our business and how you can benefit from working with us.
+44 (0) 3290 4567 | contact@salvador.cloud | www.salvador.cloud