Case Studies

Security

Our Client, an online password safe provider contracted with Alteris to conduct a security breach of their systems to assess potential security threats in cyber attacks against their current infrastructure and provide risk mitigating approaches to eliminate the threat.

Our Customer’s client was mandated to have their systems certified to meet customer obligations in cyber security and compliance amongst their customer base. As our customer’s client leverages a online password tracking system the requirement for Alteris was to conduct a vulnerability cyber attack on the current system while identifying customers and client risks and provide a thorough analysis of the exposure and relevant data risks the customer would face.

Solution

Our Approach was to use industry best practices with robust processes to outline and capture a detailed view all of the external IP addresses of the company. With our inventory of IP addresses, we conducted proven approaches with scalable vulnerability studies to determine if there were any known risk areas. In our finding we uncovered several high risk areas.

In this process we collaborated with the end customer to deliver a remediation plan and exercise immediately vulnerable points in the systems and exercised an action plan to mitigate the risk.

In our second round of testing we uncovered no easy vulnerabilities and proceeded with a penetration test.

In our last test of extra vulnerability, we worked with the customer to close any remaining cyber threats that were discovered, and re-tested to verify. In our completion we issued a certificate of compliance.

Value Achieved

The company’s core business is in keeping passwords safe, along with tracking who knows them, and who has used them. In order for them to have any value to their users, they must be secure.

The key accomplishments include:

  • Identifying vulnerabilities in their systems.
  • Assisting with remediation of vulnerabilities.
  • Providing them with a required certificate that states that they had no known vulnerabilies at the time of the completion of the project.
  • This allowed them to procure a very lucrative contract with an interested corporation.