{"id":160,"date":"2008-12-28T18:26:47","date_gmt":"2008-12-28T18:26:47","guid":{"rendered":"http:\/\/nickmachia.com\/client\/aplura\/?p=160"},"modified":"2015-04-28T18:27:42","modified_gmt":"2015-04-28T18:27:42","slug":"aplura-security-assessment-the-situation-mid-sized-application-provider","status":"publish","type":"post","link":"https:\/\/nickmachia.com\/client\/aplura\/aplura-security-assessment-the-situation-mid-sized-application-provider\/","title":{"rendered":"Aplura Security Assessment: The Situation &#8211; Mid-Sized Application provider"},"content":{"rendered":"<h3>Commercial Application Provider<\/h3>\n<ul>\n<li>Manages and maintains a web-based HR solution for US Federal entities<\/li>\n<li>All software and data are hosted on Application Provider systems<\/li>\n<\/ul>\n<h3>Federal Guidelines<\/h3>\n<ul>\n<li>The Application provider as a commercial entity does not fall under Federal regulatory compliance requirements;\u00a0however, their customers require similar standards.<\/li>\n<li>The Application provider, in preparation for a new very large non-civilian federal customer needed to demonstrate an appropriate security posture with a small threat surface.<\/li>\n<li>The solution must meet the following:\n<ul>\n<li>External evaluation for unnecessary access<\/li>\n<li>Report discovered-flaws from Web Application evaluation<\/li>\n<li>All system\/application interrogation must be performed during specified maintenance windows to minimize operational impact.<\/li>\n<li>The entire project was to be completed quickly to meet operational commitments the Application provider made to their new customer.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>The Solution<\/h3>\n<ul>\n<li>Aplura&#8217;s consultants worked with the Application provider and their IT contractor who manages their data-center.<\/li>\n<li>Aplura modified their <a href=\"..\/consulting\">Aplura Security Assessment (ASA)<\/a> to customize it for this purpose.<\/li>\n<li>The ASA was well suited for this work, since it covered the requirements and included a lot of additional value to the customer.<\/li>\n<\/ul>\n<h3>The Results<\/h3>\n<ul>\n<li>The customer was provided a report which highlighted met all of their requirements<\/li>\n<li>Additionally, the report demonstrated additional considerations regarding unnecessary information disclosure found during the network services interrogation.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Commercial Application Provider Manages and maintains a web-based HR solution for US Federal entities All software and data are hosted on Application Provider systems Federal Guidelines The Application provider as a commercial entity does not fall under Federal regulatory compliance requirements;\u00a0however, their customers require similar standards. The Application provider, in preparation for a new very<br \/><a class=\"sharad-readmore\" href=\"https:\/\/nickmachia.com\/client\/aplura\/aplura-security-assessment-the-situation-mid-sized-application-provider\/\">Read More &#8230;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-160","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"_links":{"self":[{"href":"https:\/\/nickmachia.com\/client\/aplura\/wp-json\/wp\/v2\/posts\/160","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nickmachia.com\/client\/aplura\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nickmachia.com\/client\/aplura\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nickmachia.com\/client\/aplura\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nickmachia.com\/client\/aplura\/wp-json\/wp\/v2\/comments?post=160"}],"version-history":[{"count":1,"href":"https:\/\/nickmachia.com\/client\/aplura\/wp-json\/wp\/v2\/posts\/160\/revisions"}],"predecessor-version":[{"id":161,"href":"https:\/\/nickmachia.com\/client\/aplura\/wp-json\/wp\/v2\/posts\/160\/revisions\/161"}],"wp:attachment":[{"href":"https:\/\/nickmachia.com\/client\/aplura\/wp-json\/wp\/v2\/media?parent=160"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nickmachia.com\/client\/aplura\/wp-json\/wp\/v2\/categories?post=160"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nickmachia.com\/client\/aplura\/wp-json\/wp\/v2\/tags?post=160"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}