Our analysts

Our analysts are some of the most experienced, technically-proficient, risk managers in the industry. They all have had direct responsibility for managing the risk environments of some of the largest, global, blue-chip organisations.

Working in tandem with our AI algorithms our analysts review the relevant content that has been surfaced to seek out only the most pertinent insight for each case at hand. We estimate that the same level of analysis would take a full-time staff member as much as a one week’s effort to produce. Don’t believe us? You can examine the depth and breadth covered within an example case study here.

Challenge

Aiming to enhance the protection of the online services against cyber attacks, We expected to recognize all security shortcomings of the used web applications and alleviate the danger of abusing the system administrations.

As a security advisor, Infopulse expected to:

Play out the assessment of security dangers for the business-basic web applications and system administrations;

Give itemized suggestions on the improvement of data frameworks’ security level.

Solution

The security testing approach suggested by Infopulse was based on the OWASP security testing guidelines.

Infopulse presented a complex solution which included:

Analysis of the information from public resources;
Vulnerability Assessment: discovering all vulnerabilities in the target web and application servers with the use of known automated tools, e.g. Web Inspect, and the developed specific tests;
Black Box and White Box penetration testing;
Controlled hacking of the target systems by experts certified in information security, with the aim to confirm the identified vulnerabilities and discover the undetected ones.
Technologies: OSSTMM, OWASP, Offensive Security, SANS, ISSAF, ISACA

Results

Black Box and White Box penetration testing reports;
A detailed report comprising the list of vulnerabilities and configuration weaknesses, which could be exploited in the network access points;
Recommendations on countermeasures;
Informing the bank’s management team on the existing information security risks.