Our security service packages

<< Back

basic

package

DevOps

DevSecOps

SAST for the source code in CI/CD

Container Registry Reporting & Auditing

Scan Docker images for vulnerabilities at OS level

Scan Docker images for vulnerabilities at technology packages level(Java/NodeJS packages etc)

Enable Docker image hardening

Enable Content trust, only signed images are allowed to be pushed

RBAC for Docker registry

Container compliance(CIS/NIST/PCI DSS)

Enable DAST in the pipeline

Enable IAST

Enable RASP/In-app WAF/In-container IDS

Kubernetes – check containers before deployment to Kubernetes

Kubernetes RBAC and SSO

Kubernetes protection from misuse of Compromised Credentials

Kubernetes Logging and Auditing

API

Enable API Gateway Authentication via OpenID Connect/OAuth2

Enable enterprise user identities store – LDAP, Active Directory, LDAP as a Service

Enrich user attributes

Integrate with IDM

Enable impersonation out of the box

Microservices SSO/Federation

Secrets management

Proper key management for APIs

Kubernetes key management

Docker key management

Integrate Hashicorp Vault into the applications

Enable Hashicorp Dynamic Secrets

Keys Audit Logs

Personal keys for developers

Key management for applications(Spring/NodeJS etc.)

Encryption Key Rolling

SIEM

Enable every microservice/app to send logs to SIEM(Spring/NodeJS etc.)

Make sure all events are in the required format(when/where/who/what)

Send API events to SIEM

Send RASP events to SIEM

Send Docker/Kubernetes events to SIEM

Visibility

Visibility of the microservices interaction

top

advanced

package

+Data

BASIC +

Data security

Data security at rest

Data security in transit

Data redaction, subsetting and masking

Database transparent encryption – data files/tablespace level

GDPR for applications(Spring/NodeJS etc.)

Redact data on developers machines

Personal data, including phone numbers, country of residence, and address, get encrypted and hashed

Enforce customer data-sharing consent for regulatory compliance

User profile page

Secure personal data at the level of each microservice

Data access logs at database level, send to SIEM

Visibility

Visibility of GDPR personal data

ultimate

package

+IAM

ADVANCED +

Identity Management

Integrate applications with existing IAM system as a central source of identity

Manage application accounts via IAM

Manage permissions, groups and roles via IAM

Certify/audit access to the app via IAM

CIAM – self registration and password management

Seed initial access to the app for the required users with IAM

Social Authentication – Facebook, Google, GitHub etc.

SCIM

Self-service access portal

Access Management

Passwordless authentication

Adaptive step-up MFA

MFA ouf of the box

OIDC and OAuth 2.0

API authentication and authorization

Access audit and logging

Privileged access to any application

Visibility

Visibility of user identities across applications

Contact us

We reply within 24 hours during our business hours.

DevOps Squad

sales@devopssquad.at

Contact us

DevOps Squad

+43 720 971 264

Mühldorfgasse 10A, 3001 Mauerbach bei Wien