The Beacon team deploys many varied solutions to support threat identification and analysis. Beacon leverages vulnerability identification and assessment tools to identify vulnerabilities within Beacon, observability and monitoring to allow operational visibility into the system, custom alerting to provide detailed insight into emerging issues, and comprehensive threat modeling and risk analysis of all of these to help improve and assess Beacon’s risk profile.
Security Testing
Beacon security testing involves a series of overlapping test approaches designed to narrow and continually monitor and control the system attack surface. Beacon leverages industry standard tools like:
Vulnerability scanning solution;
Regular (at least annual) penetration testing;
Detailed quality Assurance testing (e.g., unit, integration, end-to-end) prior to release; and
Testing of all transport routes (e.g., TLS/SSL testing) to ensure secure communications.
Vulnerability Management
The Beacon vulnerability management process utilizes an industry standard approach to vulnerability management as outlined below:
Vulnerability scans are performed using a variety of tools including.
Issues detected during scanning process are identified.
Industry established categorization solutions (e.g., Common Vulnerabilities and Exposures or CVE rating) are utilized to provide insight into vulnerability severity.
Finding(s) are verified and potential impacts on environment are documented.
Investigative research about the finding(s) is performed to understand its nature, potential associated indicators of compromise, and identify corrective actions.
Controlled corrective action steps in line with our established change and configuration management processes are taken to resolve finding.
Penetration Testing
The Beacon environment is subject to (at a minimum) annual penetration tests from an external third-party. These tests include internal and external penetration testing via a combination of automated and manual testing techniques. If the process identifies findings, they are integrated into the vulnerability management process to be tracked and addressed through adjudication or mitigation.
Incident Response
Beacon’s incident response solution provides a structured approach for identification, classification, escalation, and resolution of an incident within the environment. The incident response plan offers clear guidance about the roles and responsibilities, required monitoring and alerting necessary to support incident response, and delineation of associated health checks that monitor system operations and implemented changes. The plan further codifies a triage response mechanism, establishes expectations for logging of the event, and defines a mechanism for performing root cause analysis for the event. The Beacon incident response program is regularly tested (at least annually) and all identified issues are implemented as corrective actions as part of the focus on continuous improvement.