Fresnel Perdana Mandiri - Managed Service Case Study
top of page
Search

Fresnel Perdana Mandiri - Managed Service Case Study

  • Mohamad Ikhwan Davtian
  • 1 hour ago
  • 3 min read

ree

Who the customer is


Fresnel Perdana Mandiri is a fast-growing technology company running important production workloads across several AWS accounts and regions. As a mid-sized organization with regulatory duties and distributed teams, Fresnel needed round-the-clock (24/7) security visibility and reliable incident response, without adding heavy operational work for their internal IT staff.

Background


Before working with ICS Compute, Fresnel’s AWS environment had scattered monitoring and inconsistent controls. Each account kept its own logs and alerts. Teams followed different playbooks, and there was little automation for triage or containment. Most detections depended on manual review, which slowed both detection and response times. Compliance evidence was also gathered manually, making audits time-consuming and disruptive.


Fresnel wanted an AWS-native way to:

  • unify monitoring across accounts,

  • automate responses to common threats, and prepare audit-ready reports, while keeping least-privilege access for all users.


What we did


ICS Compute handled Fresnel’s challenge as one continuous operation, not as separate tasks. First, we centralized security data. We enabled CloudTrail and CloudWatch across all accounts and stored the logs in a single, searchable location, so every team could see security activity from any account or region.


Next, we activated AWS security servicesAmazon GuardDuty for threat detection and Amazon Inspector for vulnerability checks—and integrated their findings into AWS Security Hub. Security Hub became the main dashboard where alerts were normalized, prioritized, and tagged for action.


To turn findings into actions, we created automated workflows using Amazon EventBridge. High-priority alerts triggered AWS Systems Manager runbooks to perform consistent containment tasks—like isolating affected EC2 instances, revoking suspicious IAM sessions, or adjusting security group rules. Runbooks also gathered key evidence (CloudTrail traces, AWS Config snapshots) for investigation.


We added AWS Config rules and AWS Organizations guardrails to detect and prevent configuration drift, and we used AWS Audit Manager to automatically map evidence to compliance frameworks.


Operationally, we made responsibilities and expectations clear. We defined simple SLAs, for example, Sev-1 alert acknowledged within 30 minutes and containment plan within 2 hours, and set up a 24/7 on-call rotation so trained responders were always available. We created communication templates and a secure customer portal for status updates. We also documented shift handoffs and overlapping windows between shifts, so information was never lost across time zones.


To strengthen resilience, we improved VPC segmentation, KMS key management, and DNS and load balancer hygiene. We implemented weekly full and daily incremental backups with 30-day retention, and conducted regular restore drills to verify recovery readiness.


Results


The improvements were clear and measurable. With centralized logs and prioritized findings in Security Hub, both Fresnel’s SOC team and ICS Compute could see threats in near real time. Automated enrichment—like CloudTrail lookups and recent configuration diffs—cut manual triage work and shortened detection and response times. For severe incidents, EventBridge-triggered runbooks executed containment within minutes, reducing impact and limiting the blast radius.


Compliance became simpler: AWS Config enforced desired states, while Audit Manager automatically attached evidence to relevant controls, making audits much smoother. Regular restore drills proved the backup plan worked and increased confidence in recovery. Monthly governance meetings with Fresnel’s stakeholders kept remediation plans on track and budgets aligned. Clear SLAs and communication routines also removed confusion during incidents and strengthened stakeholder trust.


Key takeaways


  • Centralize everything: Bringing logs and findings into Security Hub turned scattered data into actionable insight.

  • Automate response: EventBridge + Systems Manager runbooks reduced manual work and sped up containment.

  • Strong governance scales: AWS Organizations, IAM least privilege, Config, and Audit Manager made consistent controls and audit evidence possible across accounts.

  • People and process matter: Clear SLAs, escalation paths, and shift handoffs kept operations smooth across regions.

  • Test recovery often: Backups only count when restores are tested and proven to work.


Bottom line


ICS Compute delivered an AWS-native MSSP Level 1 solution that turned Fresnel’s fragmented security signals into a unified, automated, and auditable operation. By combining GuardDuty, Security Hub, Inspector, and other AWS management tools with clear SLAs, automation, and disciplined operations, Fresnel gained faster detection and containment, stronger compliance, and stable, predictable continuity across all accounts, regions, and teams.


 
 
bottom of page