Working at Paladion

By balaji

June 18, 2010

Working at Paladion has always been a pleasure for all of us. The varied learning we get here, across domains is amazing. I'd like to share with you a few such experiences I was part of.

The client was a big organization in India and various teams of Paladion worked here in tandem to meet our client's expectations.. I belong to a team called Sectest. My team is responsible here for conducting Source Code Reviews, Application Security Tests, Network Penetration Tests, Host Configuration Assessments and Secure Network Architecture Reviews.

The other teams in Paladion are Consulting; responsible for Process Audits, Ensuring Compliance with various standards, Creating customized Policies and Guidelines for various clients among others.

Another important team working here is our Managed Risk Services (MRS) team; they are responsible for monitoring the client network for the security risks. Apart from helping client in management of security devices like Firewalls and IDS, they also do real time monitoring of security events through remote SOC (Security Operations Center), located in Bangalore. This team operates round the clock to ensure that our clients are always ready to face the latest threats.

For client, these are not three different teams but they just belong to one team called Paladion. The work coordination between these teams is an example for others. I'd like to quote a few such examples:

  • Suspected hacking activities via SQL Injection. The team comprising of people from various Paladion teams coordinated to arrive at the root cause. Sectest did the detailed technical analysis of the attack, MRS performed log correlation using logs & other relevant data available with them. The Consulting Team researched on the history of such attacks and steps for future prevention. The entire team after sitting together concluded that a malicious intruder invoked xp_cmdshell, installed netcat via a SQL Injection vulnerability on a public form and escalated privileges.
  • Backdoor/Trojan Alert on a critical server in the client DMZ raised the alarm for team Paladion. The team worked together in unison, did a thorough log analysis, cleaned the backdoor, found that no damage was done to the server and finally provided valuable suggestions to ensure such incidents did not reoccur in the future.
  • Mock Drill - One member from each internal team was allotted for this activity. Sectest & Consulting team members jointly setup the pre-test environment, hardening and patching a vulnerable Vmware image installed in the client network. The MRS team continuously monitored all the attacks targetted at the VMWare image and notified the other teams on anything that might have been missed. They together did the incident response; their combined efforts were greatly appreciated by the client.
  • Numerous other medium & small activities where they coordinate. Any small project here requires the involvement of atleast 2 internal teams.

The amazing coordination seen here is what makes every project unique for all of us. On one hand, Paladion as a company can be proud of this. While on the other, employees of a particular team are also happy as they get to learn things beyond their normal team activities. A sectest guy gets to do log analysis, incident handling and malware analysis and a MRS team member learns how to perform an application security test and a network pentest.

The fact that there is always exciting work at Paladion and that there is always 100% co-operation between teams is the best part about working here; I for one love working here :)

Tags: Uncategorized