Skip to main content
EngagementHQ Network Security

Are network threats actively monitored? Are there necessary processes in place to safeguard the application based on risk and exposure?

Gayathri Rajendiran avatar
Written by Gayathri Rajendiran
Updated over a year ago

Our application is hosted on the large, Internet-scale, world-class infrastructure that benefits from the same engineering expertise that has built Amazon into the world’s largest online retailer. AWS’s networks are multi-homed across a number of providers to achieve Internet access diversity. EngagementHQ makes use of the Amazon Virtual Private Cloud (VPC) to create an isolated ecosystem.

Logging and alerting systems are in place, which help identify potential malicious activity and can be stopped via firewalls on AWS. We utilise the AWS provided Amazon CloudWatch and VPC Flow Logs for network traffic monitoring.

Additionally, we use Data Dog for analysis of traffic activity and to provide alerts based on which, the AWS provided ACL is used to automatically block offending IP addresses. In simple terms, we run a set of algorithms that automatically block any requests from IP Addresses that are identified as exhibiting suspicious behaviour. In the rare event that valid IP Addresses are blocked, we can manually flush the tables to reset.

The AWS network uses proprietary mitigation techniques providing significant protection against traditional security issues such as Distributed Denial Of Service (DDoS) Attacks, Man in the Middle (MITM) Attacks, IP Spoofing, Port Scanning, etc.

You can also refer to this article on Vulnerability Assessment and Penetration Testing (VAPT) for more information.

Did this answer your question?