Description
Client: WeSuite
Category: Product Security
Date: 30 May 2022
Client Background:
WeSuite provides a centralized platform to its clients and promises to take their team from contact to contract. In other words, they provide the ultimate CRM tools namely - WeOpportunity and WeSuite Go. This makes them the no. one sales management software provider for security, IT, and AV integrators. They build sales strong by providing flexible lead management, detailed estimating, mobile quoting, automated proposal and contract generation, signature, and real-time detailed sales reporting.
Problem Statement
As a security Consultant, RSK Business Solutions provided a QA 2.2 tool with end to end security
- They aimed to examine their application’s security.
- Improvise from desktop-based application to web-based application to bring data from the legacy system.
- Wanted to discover the security weakness in the web-based portal
How We have solved it?
RSK Business Solutions Provided WeSuite with the holistic approach which includes:
- Enabled Multi Factor Authentication
- A Secured configuration Review of the Server
Approaches we used to Solve?
- Vulnerability Assessment Test
- Security Examination
What are the Mitigations and Remediations?
Recommended HTML Headers
Suggested to remove support for weak cryptographic ciphers and weak key strength ciphers
Suggested to introduce strong password policy
Results
Appropriate
configuration
Identifying security weakness at early stages
Implementing complex password policy
