Case Study:

Mindtree’s Cloud
Security Posture
Assessment for a
Retail Industry
Giant
Fortify the ever-changing cloud security posture in near real
time and stay protected!

CHALLENGE
 The Client’s application infrastructure was hosted on AWS, and Mindtree managed the Client’s
Development Environment.
 The Client had limited visibility and lacked actionable insights due to the manual process. The
lack of visibility and insights was posing challenges to achieve centralized workload
management, which is crucial to obtain the unified assets view and supervise sensitive
resources across multiple accounts for managing security. Actionable insights were needed for
an in-depth understanding of where the attacks take place in the cloud environment and what
assets are currently under threat.
 The client suffered from a Brute Force Attack, which resulted in a breach, post which, the
client requested to perform Cloud Security Posture Assessment to identify suspicious activities
and behaviors to safeguard their sensitive resources and track attack events in order to
prevent them.
 Users had elevated admin privileges, which is against the security best practices. It was crucial
to remove the excessive permissions to protect the Cloud Infra Security posture.
 Compliance and standards adherence visibility was needed for the client’s Cloud infra. CIS
standards were not adhered to in the client’s cloud environment. Moreover, they were not
compliant with GDPR. Compliance reporting integration was needed to fortify the
organization’s Security Posture, to detect any malicious activities, and to respond to attacks as
soon as they are detected. It is also essential to prevent misconfiguration and
excessive permissions.

SOLUTION
 Mindtree conducted Cloud Security Posture Assessment to identify publicly exposed assets
(Exposed machines, Database storages, etc.) and to assess the compliance of AWS account to
CIS Foundations, NIST, and GDPR
 Cloud Security Posture provided the Cross Cloud Visibility, which offered a unified view across
multiple cloud environments, accounts, and prioritized alerts based on the associated risks
 Identification of the compliance & standards status and misconfigurations quickly to ensure
continuous compliance and raise alerts in case of breach
 Reporting and detection of cloud misconfigurations and malicious activity
 Identification of permissions gap or removing excessive user permissions by applying the Least
Privilege Principle. This helped to prevent misuse or compromises via any cloud accounts
 Custom Rule was implemented as per the customer’s requirements to enable Log status
and tracking
 Risk Based, Cross Cloud - Actionable Insights were implemented

www.mindtree.com info@mindtree.com
 BENEFITS
 Below benefits were achieved with Mindtree’s Cloud Security Posture Assessment:
 Fortifying the Cloud Security posture
 1 Click Compliance Reporting
 Advance detection of anomalous user activities
 Automated threat detection
 Prioritizing the risks, getting recommendations, and remediation
 Effort Saving, Increased productivity due to automated Security Assessment

Leverage AI/ML tools to get visibility Closure of open ports in the exposed
in minutes machines to prevent threats, data
breaches, potential attacks and blocking
them before the data loss happens and to
meet the compliance standards like CIS
Spend efforts in performing actions and GDPR
on remediation rather than on
identification using logs Out of the box compliance reporting
leading to saving manual effort

Detection of publicly exposed assets

and identification of excessive and Improved compliance as per CIS
unused permissions Foundations, NIST, and GDPR

ABOUT MINDTREE
Mindtree [NSE: MINDTREE] is a global technology consulting and services company, helping enterprises marry scale with
agility to achieve competitive advantage. “Born digital,” in 1999 and now a Larsen & Toubro Group Company, Mindtree
applies its deep domain knowledge to 275+ enterprise client engagements to break down silos, make sense of digital
complexity and bring new initiatives to market faster. We enable IT to move at the speed of business, leveraging emerging
technologies and the efficiencies of Continuous Delivery to spur business innovation. Operating in more than 15 countries
across the world, we’re consistently regarded as one of the best places to work, embodied every day by our winning culture
made up of over 22,000 entrepreneurial, collaborative and dedicated “Mindtree Minds.”

www.mindtree.com info@mindtree.com