Swifttech Diagrams

Uploaded by

Firehawk Consulting provided a report to SwiftTech summarizing concerns with SwiftTech's security posture. Key issues noted included AES-128 encryption for some file storage, unencrypted databases, weak password policies, lack of MFA for VPN access, outdated TLS usage, lack of network segmentation, unpatched servers with vulnerabilities in development, and no application vulnerability scanning. The report included network and data flow diagrams of SwiftTech's architecture.

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Swifttech Diagrams

Uploaded by

CROST

0% found this document useful (0 votes)

75 views10 pages

Copyright

Available Formats

PPTX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Download as pptx, pdf, or txt

0% found this document useful (0 votes)

75 views10 pages

Swifttech Diagrams

Uploaded by

CROST

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Download as pptx, pdf, or txt

Jump to Page

You are on page 1of 10

Search inside document

Firehawk

Consulting
The following report was prepared on behalf of
SwiftTech.

Thank you for giving Firehawk Consulting the

opportunity to review your security posture in
anticipation of performing a SOC II security
assessment.

We hope you find the notes below as you begin

your journey. Please do not hesitate to contact us if
you have further questions.
For

SwiftTech
Firehawk
Consulting
After review, Firehawk has noted the following areas of concern. You may wish to consider updating policy and security
controls based on your current business goals, risk management posture, and compliance considerations.

Controls
Data Storage
• VPC3 File storage supports only AES-128 encryption
• Databases in production environment are unencrypted
End User Management
• Internal Network users require a 7-character password
• Passwords never expire
• VPN access does not require MFA
Network Controls
• TLS v1.1 is used between the cloud production environment and SwiftTech’s physical location
• Application development Tiers are not logically segmented from Business Application servers
Patching and Vulnerability Management
• Development Tier servers are unpatched and contain multiple vulnerabilities
Secure Software Development
• Application code is not scanned for vulnerabilities before being published into production environment
SwiftTech
Speed, Flexibility, Success
VPC1 VPN Users

Web Servers
VPC2 Internet

HA 192.168.1.x
VPC3

Database Servers Log Management

and Monitoring
File Storage
HA Internal Applications
Test

Dev Backup and Analytics

Network Diagram
Revision: xx/xx/xx
Confidential
Internal Users
Inputs Multi-tenant Service Internal Processing
Company Registration Web Servers
Company Name
Company Contact Info Code
User Registration

Data
HA Test
User Information (Private)
Role Assignment
Data Input Database Servers Backup and Analytics Customer Acquisition
Project Details (Secret) and Communication
Data
Project Timelines
Related Documentation HA Processing

Data Data
Internal Applications
-De-identification
-Analysis

Data Flow Diagram

Revision: xx/xx/xx
Confidential
Security Posture (1.) SwiftTech
Relevant Frameworks (2.) SwiftTech
Audit Against Frameworks (3.) SwiftTech
Audit Against Frameworks (3.) SwiftTech
pg2 (if needed)
Governance Mechanisms for End-User SwiftTech
Management Controls (6.)
1.
2.
3.

CompTIA DataSys+ DS0-001
Document13 pages
CompTIA DataSys+ DS0-001
Andy
No ratings yet
COMP246-zFish Tracker-Assignment Part A, B, C - SRS and SDD
Document44 pages
COMP246-zFish Tracker-Assignment Part A, B, C - SRS and SDD
Manpreet Kaur
No ratings yet
XProtect Server Calculator
Document2 pages
XProtect Server Calculator
farshath
No ratings yet
Engineering. Software. Eric J. Braude. Michael E. Bernstein. Modern Approaches Universitatsbibliothek Hannover ' Technische Inform Ationsbibliothek
Document8 pages
Engineering. Software. Eric J. Braude. Michael E. Bernstein. Modern Approaches Universitatsbibliothek Hannover ' Technische Inform Ationsbibliothek
Eugene Fortunado
No ratings yet
Swifttech: Speed, Flexibility, Success
Document4 pages
Swifttech: Speed, Flexibility, Success
CROST
No ratings yet
2022 Staticspeed Vunerability Report Template
Document57 pages
2022 Staticspeed Vunerability Report Template
planeta zesk
No ratings yet
CyberArk DNA User Guide
Document151 pages
CyberArk DNA User Guide
Manuel David Robles Zaragoza
No ratings yet
Forrester Wave In-Memory Data Grids
Document16 pages
Forrester Wave In-Memory Data Grids
lumbrigack
No ratings yet
File Upload Vulnerability in DVWA: Lab Experiment - 8
Document6 pages
File Upload Vulnerability in DVWA: Lab Experiment - 8
viwajd
No ratings yet
Coq 8.10.2 Reference Manual PDF
Document643 pages
Coq 8.10.2 Reference Manual PDF
John Bardakos
No ratings yet
Cognos 8 Tool Known Errors and Its Resolution Document
Document61 pages
Cognos 8 Tool Known Errors and Its Resolution Document
Puneet Gupta
No ratings yet
Aptech Aptitude Test Papers HDSE 1
Document20 pages
Aptech Aptitude Test Papers HDSE 1
Zen Mind Chess Academy
No ratings yet
Security Risk Assessment: Risk # Risk Risk Family
Document7 pages
Security Risk Assessment: Risk # Risk Risk Family
CROST
No ratings yet
Vision: Electricity Bill Management System
Document14 pages
Vision: Electricity Bill Management System
DiyaN IrfaN sketcher and cartooning art
No ratings yet
Previewpdf
Document43 pages
Previewpdf
Janani Selvaraj
No ratings yet
COMP246-016 - Fridge Management System - Parts A, B, & C
Document56 pages
COMP246-016 - Fridge Management System - Parts A, B, & C
Manpreet Kaur
No ratings yet
18 Node - Js
Document28 pages
18 Node - Js
Rahul Maru
No ratings yet
Midterm Test 1 - Attempt Review (Page 1 of 4)
Document1 page
Midterm Test 1 - Attempt Review (Page 1 of 4)
nhox sok
No ratings yet
Advanced Internetworking: Larry L. Peterson and Bruce S. Davie
Document43 pages
Advanced Internetworking: Larry L. Peterson and Bruce S. Davie
Janhavi Vishwanath
No ratings yet
Final Paper Resit Exam For Python Programming
Document6 pages
Final Paper Resit Exam For Python Programming
ckiadj
No ratings yet
IT2301 Question Paper
Document2 pages
IT2301 Question Paper
Navin Joseph
No ratings yet
HPE StoreOnce Software Version 4.3.6 Release Notes
Document27 pages
HPE StoreOnce Software Version 4.3.6 Release Notes
720128atm
No ratings yet
Slide 10 Distribution
Document34 pages
Slide 10 Distribution
nguyencraft01
No ratings yet
ES Practical
Document25 pages
ES Practical
Fake Account
No ratings yet
Complete Final Sem Report PDF
Document79 pages
Complete Final Sem Report PDF
bhanu pratap mishra
100% (1)
Q1) Classify The Types of Operating Systems in Block Diagram Types of Operating System
Document4 pages
Q1) Classify The Types of Operating Systems in Block Diagram Types of Operating System
Syed Abdullah
No ratings yet
How Do I Prepare For The Samsung Professional Software Competency Test - Quora
Document2 pages
How Do I Prepare For The Samsung Professional Software Competency Test - Quora
ud1919
No ratings yet
Block Chain in E-Voting
Document18 pages
Block Chain in E-Voting
sce21cs079
No ratings yet
DAA Mini Project Report Atul
Document17 pages
DAA Mini Project Report Atul
sakshichaudhari459
No ratings yet
Cryptography and Security Systems (CSS) Brain Heaters
Document38 pages
Cryptography and Security Systems (CSS) Brain Heaters
Faizan
No ratings yet
Highly Confidential Security System - Sole Survivors - Inital Release
Document34 pages
Highly Confidential Security System - Sole Survivors - Inital Release
Arun prasath S
100% (1)
Web Attack Prediction Using Stepwise Conditional Parameter Tuning in Machine Learning Algorithms With Usage Data
Document17 pages
Web Attack Prediction Using Stepwise Conditional Parameter Tuning in Machine Learning Algorithms With Usage Data
AIRCC - IJCNC
No ratings yet
Django Roadmap
Document4 pages
Django Roadmap
Prem
No ratings yet
Sample Paper Q0503
Document20 pages
Sample Paper Q0503
Anku Sharma
No ratings yet
Daa Ktu Notes
Document112 pages
Daa Ktu Notes
Adarsh Kr
No ratings yet
Computer Networks: by Damera Venkatesh Assistant Professor
Document22 pages
Computer Networks: by Damera Venkatesh Assistant Professor
TAMMISETTY VIJAY KUMAR
No ratings yet
Consistency and Replication: CS403/534 Distributed Systems Erkay Savas Sabanci University
Document44 pages
Consistency and Replication: CS403/534 Distributed Systems Erkay Savas Sabanci University
Umesh Thoriya
No ratings yet
Websphere Clusters and Scalability
Document30 pages
Websphere Clusters and Scalability
Bi Bông
No ratings yet
Applications of Assembly Language
Document8 pages
Applications of Assembly Language
Holly InSanest
100% (4)
1 Java Architecture
Document22 pages
1 Java Architecture
vs
No ratings yet
PSE Endpoint Paloaltonetworks
Document1 page
PSE Endpoint Paloaltonetworks
nhana
No ratings yet
Digital Forensics: Unit No. 1 Computer Forensics
Document2 pages
Digital Forensics: Unit No. 1 Computer Forensics
kingraaja
No ratings yet
Fs QB: Question Bank and Answers
Document91 pages
Fs QB: Question Bank and Answers
Arun Kumaar Srinivasan
No ratings yet
Computer Networks CS F303: BITS Pilani
Document86 pages
Computer Networks CS F303: BITS Pilani
LakshyaGhuliani
No ratings yet
Saurashtra University: Rajkot - India
Document13 pages
Saurashtra University: Rajkot - India
TARPARA KAUSHAL
No ratings yet
Student Marks Analyzing System
Document8 pages
Student Marks Analyzing System
Pankaj Patil
No ratings yet
SA Unit 3
Document14 pages
SA Unit 3
baby
No ratings yet
Data Science MCQ Topics: Protect Your Account Without Compromising On Speed or Connection
Document6 pages
Data Science MCQ Topics: Protect Your Account Without Compromising On Speed or Connection
ABC
No ratings yet
Software Engineering SYIT SEM-IV
Document7 pages
Software Engineering SYIT SEM-IV
Rohan Ghadge
No ratings yet
COM-421-Lecture-Notes-7 - Open Stack
Document24 pages
COM-421-Lecture-Notes-7 - Open Stack
madzaloresten8
No ratings yet
Appendix A-Agent For Linux
Document23 pages
Appendix A-Agent For Linux
vladimir
No ratings yet
Web Development Using PHP
Document65 pages
Web Development Using PHP
Rabiya
No ratings yet
COT-216 and IT-313 Software Engg PDF
Document18 pages
COT-216 and IT-313 Software Engg PDF
Pardeep Singh
No ratings yet
Phase 2 Final
Document65 pages
Phase 2 Final
Mr Hentai
100% (1)
MCN Diploma Lab Manual
Document81 pages
MCN Diploma Lab Manual
sutharmahammadali44
No ratings yet
Chapter 23 - Product Metrics
Document23 pages
Chapter 23 - Product Metrics
malik assad
No ratings yet
Chapter 11: Mass-Storage Systems: Silberschatz, Galvin and Gagne ©2018 Operating System Concepts - 10 Edition
Document49 pages
Chapter 11: Mass-Storage Systems: Silberschatz, Galvin and Gagne ©2018 Operating System Concepts - 10 Edition
tHe tecHniquEs
No ratings yet
Hadoop Cluster Deployment
From Everand
Hadoop Cluster Deployment
Danil Zburivsky
No ratings yet
Firehawk Consulting: Swifttech
Document9 pages
Firehawk Consulting: Swifttech
CROST
No ratings yet
8733780556489189228swifttech-Diagrams Noura Al-Rasheed 16 Aug
Document9 pages
8733780556489189228swifttech-Diagrams Noura Al-Rasheed 16 Aug
CROST
No ratings yet
Security Design Template
Document12 pages
Security Design Template
armora9221
No ratings yet
Firehawk Consulting: Swifttech
Document9 pages
Firehawk Consulting: Swifttech
CROST
No ratings yet
Click To Edit Master Title Style
Document4 pages
Click To Edit Master Title Style
CROST
No ratings yet
Security Risk Assessment
Document5 pages
Security Risk Assessment
CROST
No ratings yet
خطة ماجستير الأمن السيبراني الجديدة
Document8 pages
خطة ماجستير الأمن السيبراني الجديدة
CROST
100% (1)
Stacks and Queues
Document21 pages
Stacks and Queues
Dhivya N
No ratings yet
Large Object Data Types (Blob, Clob, Dbclob) :: Character Large Objects (Clobs) - A Character String Made Up
Document4 pages
Large Object Data Types (Blob, Clob, Dbclob) :: Character Large Objects (Clobs) - A Character String Made Up
Abdul Kadir Arsiwala
No ratings yet
Group 3 - Fintech
Document20 pages
Group 3 - Fintech
muskaan madan
No ratings yet
Mobile Data - Docx Attachment 250662
Document20 pages
Mobile Data - Docx Attachment 250662
anishji
No ratings yet
Data Mining Unit 1
Document24 pages
Data Mining Unit 1
Anurag sharma
No ratings yet
Joins in Dbms
Document19 pages
Joins in Dbms
Yash
No ratings yet
Viva Questions - Informatics Practices: 16. What Is Backend and Front End?
Document8 pages
Viva Questions - Informatics Practices: 16. What Is Backend and Front End?
pradnyamulay
No ratings yet
PS.2024.C3.Corte1.Pruebas de Integracion.223204.GallegosBorraz
Document6 pages
PS.2024.C3.Corte1.Pruebas de Integracion.223204.GallegosBorraz
223204
No ratings yet
BPC Embedded - Very Good
Document10 pages
BPC Embedded - Very Good
Raje
No ratings yet
BT PRog
Document3 pages
BT PRog
Bhanu chander
No ratings yet
Tablespace Management Exercise
Document2 pages
Tablespace Management Exercise
comedy Junction
No ratings yet
DD 6 4
Document19 pages
DD 6 4
Daniel Bharathy Dinakaran
No ratings yet
Hibernate Reference3.2
Document232 pages
Hibernate Reference3.2
vextor80
No ratings yet
Chapter 9 - Structured Query Language (SQL) - NCERT Solutions For Class 12 Computer Science Code 083 CB
Document30 pages
Chapter 9 - Structured Query Language (SQL) - NCERT Solutions For Class 12 Computer Science Code 083 CB
naga06557
No ratings yet
Fbi Assignment Bida 2024 (CW)
Document6 pages
Fbi Assignment Bida 2024 (CW)
aobakwempatane67
No ratings yet
MS Access Notes: 9-25-2020 Dit-Ii Arshad Ali Soomro CS Instructor at IBA ITC Gambat
Document18 pages
MS Access Notes: 9-25-2020 Dit-Ii Arshad Ali Soomro CS Instructor at IBA ITC Gambat
Java Adobe
No ratings yet
3 Relational Model
Document62 pages
3 Relational Model
deepak007m
100% (1)
Curriculum Vitae: Rajat Agrawal
Document3 pages
Curriculum Vitae: Rajat Agrawal
richa24
No ratings yet
Ceng301 Dbms Session 12
Document31 pages
Ceng301 Dbms Session 12
grupsakli
No ratings yet
402 Information Tech MS X
Document9 pages
402 Information Tech MS X
anil
No ratings yet
Subhasis Patra CV V3
Document5 pages
Subhasis Patra CV V3
Shubh Sahoo
No ratings yet
Point of Sale System
Document51 pages
Point of Sale System
sumayangiresh
No ratings yet
DOS Commands
Document10 pages
DOS Commands
Vignesh
67% (3)
Interrupt: (String1, String2) : String1 String2
Document18 pages
Interrupt: (String1, String2) : String1 String2
NMulyono
No ratings yet
Oracle Projects Useful Queries
Document11 pages
Oracle Projects Useful Queries
Joe
No ratings yet
Section 1 Quiz
Document37 pages
Section 1 Quiz
fajrul saparsah
No ratings yet
Flask Admin Readthedocs Io en Latest
Document110 pages
Flask Admin Readthedocs Io en Latest
Idris Astri
No ratings yet
Oracle EPM Overview
Document39 pages
Oracle EPM Overview
Wishtree Technologies
No ratings yet
Module 04 Develop Solutions That Use Azure Cosmos DB
Document35 pages
Module 04 Develop Solutions That Use Azure Cosmos DB
Xulfee
No ratings yet
Error While Connecting Dremio Through Paxata
Document22 pages
Error While Connecting Dremio Through Paxata
Diptam Dutta
No ratings yet