Multi-factor Authentication 
End to End Security 
High End Availability 
Secured Transitions Business Challenge
Aiming to enhance the protection of the online services against cyber-attacks, National Grid needed to identify all security weaknesses of the utilized web applications and mitigate the risk of misusing the network services.
As a security consultant, RSK Business Solution needed to:
- Perform the evaluation of security risks for the business-critical web applications and network services.
- Provide detailed recommendations on the improvement of information systems’ security level.
Solution
The security testing approach suggested by RSK Business Solution was based on the OWASP security testing guidelines.
RSK Business Solution presented a holistic solution to National Grid which included:
- Analysis of the information from public resources.
- Vulnerability Assessment: discovering all vulnerabilities in the target web and application servers with the use of known automated tools.
- Black Box and White Box penetration testing.
- Controlled hacking of the target systems by experts certified in information security, with the aim to confirm the identified vulnerabilities and discover the undetected ones.
- Securitised an additional layer of security on Authentication mechanism using MFA.
Results
- Test plans and approaches used.
- Black Box and White Box penetration testing reports.
- A detailed report comprising the list of vulnerabilities and configuration weaknesses, which could be exploited in the network access points.
- Recommendations on countermeasures.
- Complete Risk assessments and analogy of future plan to integrate with emerging technologies.
