Just like the operations of your business, the security of your IT infrastructure is interconnected. Your network connects your servers to each other, to the firewall, to the internet and to your customers. A vulnerability on one server can lead to a data breach on other servers. At Coherent Security, we approach your security requirements as a whole - nothing stands alone.
In the traditional phases of the lifecycle of any infrastructure, the phases of Design, Build and Operate / Optimize are in play. Security plays a key role in all of these phases. The design of any service should have a security focus - if security isn't designed into a solution, it won't be built - and it certainly won't be built later. During the build and operate phases, it's key of course that the infrastructure is built and operated as designed. Logging is key in this phase, in particular intelligent handling and processing of logs, and taking action on logs of interest.
Assessment of any infrastructure is key, and should be in play in all phases. During the design, assessment is often a "what-if?" or tabletop excercise to assess both for security issues and to ensure that the required business function is being delivered. During the Build process, it's important to ensure that the design is followed, and that both the security and business functions are being delivered as designed. While the infrastructure is in operation, assessment is also of course key. Assessments need to be done to ensure that updates and patches are applied in a timely manner, and that as time goes forward, defenses are assessed to ensure that newer attacks are mitigated against. Remediation of course speaks for itself - as issues are found, the resolutions for these must be designed and built (which starts the cycle all over again)
A key measure of success in all of this is to improve the security of your infrastructure in all phases, without slowing down your business processes. We accomplish this with automation, and an understanding of your implementation processes. Often virtualization will be exploited to assess an exact copy of your infrastructure, sometimes we'll implement security focussed assessments as parallel, often automated phases in your build process.
Logging in particular lends itself to automation. During the build and operation of any asset, if logging is configured correctly we can use intelligent logging / SEIM tools to look for anomalous events of all kinds, looking for security issues.