Security by design
Audit & DevSecOps
Just like having a solid and agile infrastructure, IT security is a key factor in ensuring the growth and competitiveness of a business.
The value of data and applications must not be compromised. Security is an essential promise of trust made to a company’s partners and customers. Finally, it is a reputational issue and a question of assuming full responsibility, for the benefit of the wider public interest.
Iguana Solutions addresses all of these challenges with its three-fold security strategy: the DevSecOps approach, consulting and security auditing.
The constant and joint involvement of the development, operations and security teams ensures the implementation of an effective security plan, from platform design and development to deployment and maintenance, under operational conditions.
The DevSecOps approach adheres to the pace of DevOps deliveries.
Having obtained ISO/IEC 27001: 2013 Certification for all of its outsourcing activities, services and products, Iguana Solutions’ decision to commit to the DevSecOps approach has been fully justified.
The Security Operations Center, the Iguana Solutions’ security division, monitors and analyses the security systems in place and actively monitors methods and processes for anticipating new threats.
Iguana Solutions ensures the traceability, supervision and management of web platforms by using infrastructure and network monitoring tools, as well as encryption and cybersecurity solutions. Automation mechanisms ensure the continuous integration of security issues.
- Metrology & monitoring
- Web application firewall
- Detection & anti-crawler
- Continuous security deployment
Based on a common set of commitments on security levels, Iguana Solutions assesses the risk tolerance of the company and platform and defines the necessary control cycles.
The identification of security vulnerabilities with regard to abusive user behaviour, the formalisation of automated security tests, automated code review, securing of the environment, monitoring and universal recording of events all contribute to establishing high standards in terms of security culture throughout a product's life cycle.
- Alignment of business and technical teams
- Risks/benefits analysis
- Security requirements
- Policy management
Iguana Solutions draws on its extensive experience of managed services to carry out detailed security audits.
Mapping and analysis of the strengths and weaknesses of the company's platform are carried out to establish the current status of the security system and identify genuine risks to which the systems and the organisation may be exposed. The audit is produced in the form of a report that can be applied directly by the company’s internal teams or those of its partners : mapping, inventory, penetration tests.
Through our consulting services, we will establish a tailor-made security plan, taking into account all the regulations relating to the integrity, confidentiality and availability of your data and services. In particular, the recommendations concern production, storage, archiving and backup technologies to be adopted, localisation and sovereignty issues, life cycle management and the principles applicable to data access, use and retention.