It is critical to understand which security tasks are handled by the cloud provider and which tasks are handled by you. The security and compliance responsibilities vary depending on whether the workload is hosted as Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS). A detailed security assessment from Netragard can provide you with a security framework to help protect your cloud assets and identify misconfigurations.
Defining the line between your security responsibilities and those of your cloud provider is imperative for reducing the risk in your public, hybrid, and multi-cloud environments.
You are responsible for protecting the security of your data and identities, on-premises resources, and the cloud components you control (which varies by service type). For all cloud deployment types, you are responsible for your Data, Endpoints, Accounts, and Access Management.
Netragard will test your cloud environments for misconfigurations that hackers may exploit to compromise your systems and data. This process starts by analyzing the cloud subscription in order to understand which services are in use and how they are configured. As services are identified, we conduct a deeper inspection to identify the potential risks and improvements. Following the completion of the assessment, we will provide you with a report detailing recommendations that are in line with best practices to help prioritize findings.
We have expertise in the following cloud service provider networks:
Philippe has over 10 years of experience in the banking and financial sector that includes security assessment of large and complex infrastructures and penetration testing of data & voice networks, operating systems, middleware and web applications in Europe, US and Middle East.
Previously, Philippe held roles within the information system security department of a global pharmaceutical company in London. While working with a heterogeneous network of over 100,000 users across the world and strict regulatory requirements, Philippe gained hands-on experience with various security technologies (VPN, Network and Application Firewalls, IDS, IPS, Host Intrusion Prevention, etc.)
Philippe actively participates in the Information Security community. He has discovered and published several security vulnerabilities in leading products such as Cisco, Symantec and Hewlett-Packard.
He is a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), PCI Qualified Security Assessors (PCI-QSA), OSSTMM Professional Security Analyst (OPSA), OSSTMM Professional Security Tester (OPST), Certified in Risk and Information Systems Control (CRISC)and Associate Member of the Business Continuity Institute (AMBCI).