A Pillar of Application Security - Secure Software Development Life Cycle
A global transportation, relocation services, logistics and storage services with operation over all continentals. Through that architecture, the company can provide support to companies and individuals globally and locally with the relocation services they need.
At a Glance
Development and Integration
Regulatory requirements
What brings them to MXC
The web applications were necessary for a global company to provide its services globally, as well as to manage their orders and resources. The applications developed in the early years might not concern about cyberattacks. If an attacker was able to abuse the vulnerabilities found in the applications, the company would have a significant loss in profit and reputation, as well as law issues, such as violating GDPR if the personal data of EU citizens were lost.
Challenges
- Lack of domain knowledge on the cyberattack techniques.
- A large number of web applications were being used for the business. Lack of internal resources to find out the security issues from each application.
Results
Maximus or MXC Cyber Security Advisory Team was appointed to perform a web penetration test for more than 20 applications of the organization
Several applications were vulnerable to disclose client information from the databases. Furthermore, some of the vulnerabilities allowed the assessor to control the operating system of the web servers.
This penetration practice provided remediations to the existing vulnerabilities. Moreover, it showed how large the impact when their applications faced cyberattacks and improved their developers’ security awareness on coding.