Security Assessment
About
For our client Spyrosoft we conducted a security assessment service.
The aim of the project was to assess the security of network infrastructure.
Project details
Domain CyberSecurity | Services Security Assessment |
Project Project Period 1 month | Method Based-on OWASP standardsand |
Problem
The client was aware of a common problem related to cyber attacks. Caring about the highest quality of provided solutions, they wanted to check the security of their client’s network infrastructure.
Solution proposal
We recommended performing penetration tests of the network infrastructure in order to disclose the existing vulnerabilities.
Project
Together with the Customer we decided that the tests would be carried out from the perspective of an external person attacking the company’s public infrastructure. This method makes the tests more reflective of a real hacker attack. It is worth mentioning that no user accounts were made available to the auditors. Tested areas: publicly accessible IP addresses, local network and WIFI and application servers.
Steps
1. Develop an assessment system to show how much the vulnerability affects infrastructure security.
2. Perform penetration testing.
3. Find vulnerabilities, describe and assign a rating.
4. Report on each area where vulnerabilities were found with recommendations for improvement.
Result
The tests were performed successfully. We were able to identify 7 key issues with a vulnerability index assigned to each area. The customer received a report and recommended solutions that could be implemented to counteract the threats and improve the security of the tested infrastructure.
What did the report contain?
– A list of vulnerabilities.
– Proof of finding the vulnerability.
– Location of the problem.
– A broad description of the problem.
– Importance of the problem.
– Recommendations for solving the problem and preventing similar ones from occurring in the future.
What the customer said – testimonials
Sławomir Podolski
Executive Board Member & COO at SpyroSoft S.A.The tests were performed successfully. They allowed us to identify key areas for improvement. Each area where security
vulnerabilities were found was detailed in the report. We also received recommendations that should have been implemented to eliminate the threats. We are very satisfied with the cooperation with SafetyHeads. Particularly noteworthy is the efficiency in carrying out assigned tasks and excellent communication during the project.