CASE STUDY:
Ongoing Monitoring of Dark Web Traffic and Network / Application Vulnerabilities
BRIEF:
The CIO at a large community college had growing concern over information being leaked to the dark web.
ROLE OF MAX2:
Plan and execute a project to scan the recently expanded network architecture and updated application set for potential dark web traffic and other common vulnerabilities.
Select tools and implement active monitoring of vulnerabilities and data flows utilizing various public and private security/intelligence repositories.
Create governance structure for ongoing updates to network and system rules according to findings.
WHAT WAS DELIVERED?
Procedures were developed for ensuring monthly scanning of the exterior facing network devices and all applications communicating with the open internet.
Policies for student and faculty access were reviewed and updated to ensure proper fail safes were in place to catch and prevent leaks to the dark web.
Governance committee was put in place for review by the network and systems teams to ensure mitigating actions were completed and any regulatory requirements for reporting were adhered to.
New patch management protocols implemented based on regular scans for vulnerably and access control.
OUTCOME:
Following initial “clean-up” and remediation ongoing monitoring, reporting, and governance put in place resulting in specific actions created to secure systems and information.
services:
INDUSTRIES: