Mysticons mission

Creating a secure Kubernetes production environment, implementing a SOC, and monitoring the security of all projects.

Our main goal is to create highly automated Security Operations Center (SOC), Security Information and Event Management (SIEM), and Security Orchestration, Automation, and Response (SOAR) systems. We are implementing a seamless Continuous Integration and Continuous Delivery (CI/CD) pipeline with rigorous security checks using custom scripts, Anchore and Checkov inside the GitLab environment.

We also provide consultancy in WIMMA Lab on topics such as DevSecOps principles, testing with Robot Framework, cyber security in general, and containerization. Our goal is to ensure the safety and efficiency of development operations for other teams.

We decided that our aim should be to build an industry-standard hosting environment based on Kubernetes. The K8s clusters will be deployed on IaaS cloud services provided by CSC. This robust, scalable, high-availability architecture, based on a GitOps pull model, is designed to grow without causing disruption to customers' business.

We prioritize security by implementing an efficient ticketing system, executing automated vulnerability assessments, and maintaining a stringent CI/CD pipeline. These measures prevent the deployment of vulnerable containers and provide support to companies during their development and maintenance phases.

Our production environment is further improved by our comprehensive fault tolerance, including automated backups and a high-availability server topology. Critical server nodes, such as control and router nodes, will have redundancy across multiple virtual machines. We also plan to incorporate Shuffle.io for SOAR and SIEM-to-ticket implementation.

We have also formed a separate team to create a staging environment that utilizes Palo Alto Networks Prisma Cloud. In contrast to the production environment, which uses several different open-source tools, Prisma Cloud offers an all-in-one package that can fulfill many roles. This consolidation enables more streamlined management of our SOC and allows us to focus on improving our services.

Technologies we use

K8s/MicroK8s

Ansible

Terraform

Helm

GitLab

Argo CD

Wazuh

Wazuh Indexer

Wazuh-Kibana integration

Shuffle

MISP

Testkube

Palo Alto Prisma Cloud Enterprise

Anchore/Grype

Checkov

Falco eBPF

HAProxy

Grafana

Prometheus

Graylog