Description
Client: Cadline
Category: Product Security
Date: 30 May 2022
Client Background
Cadline provides its clients with technology and services to improve business performance. Their dedicated development team offers customers extended capability through increased functionality and the delivery of bespoke applications with proven return on investment. They Specialize in CAD Solutions for Design Professionals.
Problem Statement
As a security Consultant, RSK Cyber Security had to work on the following problem statements:
- With their customer data in their directory, Cadline is required to discover the potential security issues revolving around the sensitive data.
- Required Comprehensive review of 2 versions of the User interface
- They aimed to secure configuration problems
- Alongside test discoveries, they wanted to get mitigation steps to secure their data from hackers.
- They aimed to discover the vulnerabilities in their Web application UI via credentials login.
- They wanted to simulate hackers' actions to look for loopholes in their web applications' UI.
How We have solved it?
RSK Cyber Security Provided Cadline with the holistic approach which includes:
- Provided the patch codes to fix Vulnerabilities discovered in the internal infrastructure.
- Conducted Ethical Hacking with the hacker's mindset
- With limited access, we provided them with the secured encryption
Approaches we used to Solve?
- Network Assessment
- Page source code review
- Authorization assessment
- Authentication assessment
- Gray Box Penetration Testing
Tools Used
- Wireshark
- Burpsuite
- Wappalyzer
- nmap
- Whatweb
What are the Mitigations and Remediations?
suggested improving cipher suites to secure communication
Provided with a Customized security roadmap
Results
Met compliance Regulations
Secured the app from potential cyber attacks
Simplified security practices
