A few things we’re great at
Moon Cloud is a cybersecurity and compliance company, offering the consultancy and services for the following activities
Cybersecurity
Vulnerability/Penetration.
Continuous Testing and Monitoring of Compliance to regulations (e.g., NIST, NIS2)
AI assessment
AI normative compliance (e.g., AI Act).
Custom checklists and AI model-specific controls including LLMs
Development
Service Containerization
DevOps and MLOps engineering
Software and Service Certification
TRAINING
Cybersecurity, Cloud Computing, Big Data platforms, software testing and certification
Cybersecurity
Effective Assessment
Moon cloud team has a long experience in assessing cybersecurity posture of complex ICT systems and products. Its platform will help in achieving effective cybersecurity assessment.
Vulnerability
VA is one of the preliminary stage to assess the cybersecurity posture. It must be interpreted and mapped to concrete threats in order to setup an effective remediation campaign.
Penetration
VA is not enough to evaluate the cybersecurity risk. A vulnerability should be considered if exposed to exploits. It is traditionally una tantum but continuous PT is much more effective.
Custom Assessment
Complex custom infrastructure, as well as services and software developed and offered must be assessed for cybersecurity. Ad hoc assessment strategies as well as DevOps checks and static code analysis must be defined.
Security by Design
Assessing cybersecurity on a system not designed to be controlled and monitored is a complex and inefficient task. Security and privacy by design should be adopted considering the assessment and audit while in production.
Cybersecurity
Tailored Compliance
Moon Cloud team has a long experience in handling compliance and certification procedures. Standards and good practices are fundamental to guide the evaluation. Without such a guide the cybersecurity assessment could be incomplete. However in most of the case the standards and guidelines lack of technical details and requires to be tailored on the company needs.
Specialized Checklist
Standards and guidelines are generic and can hardly apply to real scenarios. There is the need of experts capable to refine and tailored them to the company’s needs.
Continuous Assessment
Although it is treated as una tantum process it is fundamental to re-evaluate compliance continuously to cope with changes and evolutions of threats and legislations.
Risk Analysis
Compliance it is perceived as binary process while there should be different levels of compliance that need to be identified.
Remediations
Remediations must be the final scope of a compliance process, find solutions to non conformity requires experience and remediations are customer specific.
AI ASSESSMENT
Control AI Behaviour
Moon Cloud Team is expert in assessing AI system, models and applications for non-functional property behaviours such as fairness, robustness and etics. Such properties are mandatory in many context but hardly guaranteed by AI model providers.
Compliance
As for cybersecurity compliance is fundamental also for AI assessment, where the process of building AI model have to be fully under control. In this context the properties of the process generating the model are of crucial importance.
Technical controls
Traditional non-functional property controls cannot be applied to AI models. Moon Cloud team realized a set of specific controls capable to cope the entire AI model lifecycle from data gathering, preprocessing, training, to model validation and operation.
Large Language models
Among the AI models LLMs are the most promising to be ubiquitously used in many context making their assessment strategic and very challenging.
MLOps and lifecycle
AI assessment should be integrated in the AI lifecycle in order to be effective and reactive to changes. Small variations at dataset or training procedure may impact model properties, hardly discoverable later in operation.
DEvelopment
Support in DevOps engineering
Moon Cloud team has a very long experience in designing and realizing state f the art software architecture for R&D projects. In particular distributed software architectures showing advanced non functional properties such as cybersecurity privacy, fairness and regulatory compliance
Security and Privacy by design
It is a must for novel systems and very complex to achieve in case of updates or refactoring for existing ones. It requires long experience and capabilities of finding suitable stable technological solution fitting non-functional and functional needs.
DevOps MLOPS engineering
Software development process aw well as AI model generation process is nowadays a fundamental part to be considered while designing complex architecture. They are crucial to guarantee non-functional properties to the final system such as reliability, privacy and security.
Certification
According to EU, Certification is established as the principal solution to increase trust and prove non functional posture of a given system. Moon Cloud team had lead the pioneering effort at EU level to provide certification schema to modern systems.
Containerization
Deployment and infrastructure as code are currently indiscernible procedures to be embedded in the software engineering process. Deciding how and if containerization is usefull is complex and whould provide or prevent some crucial non-functional properties such as latency and tenant isolation.
Training
Professional Training
Moon Cloud is made of people with a strong competences in delivering courses at professional level. Most of our teaching staff has a prestigious academic position or owns a Ph.D.
Cybersecurity
How to design and protect a system and applications to the cybersecurity threats is nowadays a must for every company. Fine grained and tailored course will make the difference in addressing skill shortage which is one of the principal factor producing cybersecurity weaknesses.
Cloud Native
Applications are increasingly based on Cloud services to be offered. In most of the cases to address availability and reliability issues but also to provide adequate performance. Understanding how to design Cloud Native Applications is important to balance the need of cloud with the need of reducing operational costs.
Big Data
Modern Big Data Systems requires advanced governance and compliant architecture, Understanding how to design it, will be of great help for producing sustainable and effective solution.
Modern Continuum
Many solutions like current IoT, Edge and Fog is grounded on the concept of Edge Cloud Continuum. Such concept can hide technical difficulties but also opportunities that ave to be fully clear to the developers and project designed