Ensuring best-possible security for business-critical applications

A cyber attack on business-critical applications can disable a business and undermine its reputation, so security around these systems needs to be impenetrable. Recognising this, our Bahamas-based client asked us to assess the security posture of two of its main web applications. These applications hosted a variety of information about the business’ breadth of operations, information about key stakeholders, marketing material and the ability of users to purchase the client’s products.

We carried out a thorough assessment of the two web applications and the underlying infrastructure, probing each facet of both applications for vulnerabilities. We scheduled our testing to run before each business day started to take advantage of faster network speeds at this time and minimise disruption to business.

We found the general security posture of both applications to be good but picked up a number of medium- and lower-level issues. These included a vulnerability to the recently identified POODLE issue, a weakness that allows attackers to exploit an outdated form of encryption.

Our full report provided meticulous analysis of each issue and detailed how it created a potential attack vector for a malicious user. We also provided a comprehensive set of recommended remedial actions to help the client substantially improve protection for its business-critical applications.