Cybersecurity Consulting for An Innovative Logistics Startup
June 15, 2018
An innovative startup combining Fintech and Logistics tapped Pointwest to ensure the overall cybersecurity of their fintech application. In addition, they needed a third party assessment of the security posture of their up and coming application.
Pointwest proposed a three-month cybersecurity consultancy effort that includes scanning activities. The service was designed to evaluate the security of the client’s infrastructure and the vulnerability of their existing applications. To augment this effort, Pointwest also performed security assessments and audits.
The project team found a security vulnerability that was related to the access of the client’s data. Prior to the project, they used only one folder to store generated invoices for the customers. Also, there was an absence of authentication features that would act as gatekeeper before anyone can access the said folder. Hence, the folder that contains important data can be easily browsed by anyone.
For the security assessment methodology, the team used risk assessment, threat modeling, and dynamic applications security testing (DAST). The technology used was the Burp Suite Pro for scanning the client’s servers. In the case of audits, the team performed Vulnerability Assessment Penetration Testing (VAPT).
After project implementation, the innovative logistics startup company was able to launch the platform. Since the launch of the assessed version, no security issues have been reported. The team was able to secure the application from major security flaws that could compromise the integrity of the system and the confidentiality of the client as well as their customers.