Monitoring and management of vulnerabilities, security events and incidents
Monitoring of cloud resources
The monitoring service in K2 Cloud enables the user to monitor the parameters of infrastructure components and set up an alarm to be triggered if a certain parameter reaches a preset threshold.
In addition, a customer can use the Activity Log service to record, store and analyze actions that its employees performed via the web interface and API.
Event logging and incident response
The company has adopted information security event and incident management procedures. Dedicated specialists from K2 Cloud are responsible for the correct operation of the security incident management process. Specialists from relevant departments are engaged to provide legal, administrative and expert assistance.
When managing security incidents and events, it is considered critical to:
collect security events from monitoring tools, users’ messages and other sources;
detect security incidents using automated tools as well as the K2 Cloud specialists’ skills and expertise;
respond to security incidents in compliance with the response plans or by engaging specialists to resolve non-typical problems;
analyze security incidents once their consequences have been eliminated;
take necessary remedial actions and make improvements following the security incident analysis.
If security incidents affect customer resources, a K2 Cloud security specialist will inform the customer about the event and/or incident and explain how to track its status.
The situations in which the customer is notified of incidents are stipulated in the agreement between the parties. If the customer is informed about the security incident/event, a notification is sent via email within 24 hours. The email may contain a description of recommended measures that the customer can take to prevent the incident or mitigate its effects.
We also provide our customers with the required digital evidence or other information from the cloud environment upon a reasoned request.
Management of technical vulnerabilities
To ensure K2 Cloud infrastructure security, we have adopted a vulnerability management process that includes:
regular infrastructure scanning inside and outside the perimeter;
regular monitoring of the resources that publish information about the latest vulnerabilities;
using the configuration standard for devices to be employed in the production environment.
If a vulnerability is found, we analyze it, set remediation deadlines and monitor the remediation process. In addition, the K2 Cloud security specialists analyze newly published vulnerabilities and, if those may affect the K2 Cloud infrastructure, do their best to deploy security patches or take mitigation measures as soon as possible.