Mnemonic AS

Continuous Azure Security Review

Threat actors are targeting insecure configurations and architectures within cloud deployments. mnemonic's continuous azure security review helps organizations identify and keep track of technical risk in the volatile world of Azure security.

Features

• Continuously assess the Azure deployment using manual, consultant driven review
• Identify missing security controls within the cloud security architecture
• Review your approach and implementation of IAM within the deployment
• Identify dangerous attack paths within a cloud deployment
• Identify configuration weaknesses within the public cloud services
• Review a cloud deployment architecture for deviation from best practices

Benefits

• Gain understanding of the security posture of your Azure deployment
• Identify and receive remediation steps to close dangerous attack paths
• Evaluate areas for improvement within the security architecture of Azure
• Remediate dangerous vulnerabilities
• Align the security and development teams
• Keep up with the constant pace of Agile DevOps teams
• Receive advice for remediation of exploitable security issues
• Receive a monthly report that outlining new vulnerabilities
• Prioritise security efforts
• Identify threats

£3,000 to £6,000 a licence a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nathan@mnemonic.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

171502477025531

Contact

Nathan Jones
+447891234688
nathan@mnemonic.co.uk

Planning

• Planning service: Yes
• How the planning service works: As organizations deploy more workloads within Azure, the roles and responsibilities for managing these workloads is changing. Decentralized DevOps teams are now given the responsibility to build, operate, and even secure the infrastructure they deploy within Azure, frequently under architectural guidance from a centralized governance and architectural team.; ; These organizations face the challenge of identifying and preventing vulnerabilities from arising in this decentralized approach to operations – with so many teams constantly updating and deploying new identities, access, and infrastructure, there is a constant risk for new vulnerabilities that could affect the entire Azure deployment.; ; mnemonic's continuous azure security review tackles this challenge head-on by adding a human into the loop of these highly automated processes, to keep an eye on how each change affects the security of both Azure and Azure AD. Consultants perform constant security research and architectural review against your Azure deployment, hunting for new unique vulnerabilities and architectural weaknesses.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
• Certified security testers: Yes
• Security testing certifications:
  • CREST
  • Other
• Other security testing certifications: SANS

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: N/A

User support

• Email or online ticketing support: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: All customers receive the same support level. At the start of each project, the customer is assigned a Technical Account Manager (TAM) from mnemonic whose responsibility is to coordinate and attend regular service meetings. The TAM serves as a trusted adviser to the customer to make recommendations on how to improve the service and security in general. This is all included in the service cost.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: DNV GL - Business Assurance
• ISO/IEC 27001 accreditation date: 31/05/2005
• What the ISO/IEC 27001 doesn’t cover: The certificate is valid for the following scope:; ; Security solutions sales, support and system integration. Security solutions consulting. Managed security services. Risk-based vulnerability analysis, penetration testing, security audit of applications, networks and security systems. In accordance with Statement of Applicability version 136, 2022-02-16.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: SRC - Security Research and Consulting, GmbH
• PCI DSS accreditation date: June 2018
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • ISO 9001:2015
  • NSM quality scheme for incident handling
  • SOC 2 - SOC for Service Organizations

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Wellbeing

  Fighting climate change

  mnemonic complies with national and international environmental legislation, and has operationalized its environmental commitment through specific measures as part of the certification as an Environmental Lighthouse. With this, the company can document compliance with strict criteria within energy, transport, purchasing, waste, emissions, aesthetics and working environment.; ; Eco-Lighthouse places strict demands on management and mnemonic's employees, and shows our suppliers, customers and partners that we take environmental work seriously.; ; The certificate is valid for the period 2019-2022. mnemonic moved its head office to Indekshuset, Oslo in August 2019. The building has a green profile with a high degree of waste recycling, activity-based lighting and ventilation that significantly reduces the climate footprint.

  Tackling economic inequality

  mnemonic acts in accordance with social legislation, including: Forced labor / slave labor (ILO Convention Nos. 29 and 105) Trade union organization and collective bargaining (ILO Convention Nos. 87, 98, 135 and 154) Child labor (UN Convention on the Rights of the Child, ILO Convention Nos. 138, 182 and 79, ILO Recommendation No. 146) Discrimination (ILO Conventions Nos. 100 and 111 and the UN Convention on the Elimination of All Forms of Discrimination against Women) Brutal treatment (UN Convention on Civil and Political Rights, Art. 7) Health, safety and the environment (ILO Convention No. 155 and Recommendation No. 164) Wages (ILO Convention No. 131) Working hours (ILO Convention Nos. 1 and 14) Regular employment (ILO Convention Nos. 95, 158, 175, 177 and 181) Marginalized population groups (UN Convention on Civil and Political Rights, Articles 1 and 2)

  Wellbeing

  Working environment is an important focus for the company, and is described in our Code of Conduct. We work actively to ensure good working conditions for our employees, which has yielded results. mnemonic is consistently rated amongst the top employers in Norway and Europe.; ; In 2023 mnemonic was rated 1st in the “Great Place to Work” assessment for Norway. Based on a company culture with shared incentives for long term value, the employee retention rate has always been above 96%.

Pricing

• Price: £3,000 to £6,000 a licence a month
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nathan@mnemonic.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.