How an insurance agency provided confidence to customers and partners with Web App Penetration Testing
Insurance Group
Case Study
The Requirement
As part of its commitment to customers and partners, and following advice from its insurance provider, an insurance agency wanted to ensure that its website was secure, with no vulnerabilities or holes in its security that could be exploited. Regular checks were being conducted internally, but for absolute peace of mind and to show that the company takes security seriously, an external penetration test was needed.
To learn more, read the full case study.
“Working with DigitalXRAID has been very good from start to finish. The pre-testing engagement with the tester was excellent. It meant we were able to alert partners and suppliers ahead of time as to the exact time that testing would be happening.
The reporting was easy to understand and laid out very well. The executive summary was perfect for sharing with the Board.
I would have no hesitation in recommending DigitalXRAID’s services.”
The insurance agency engaged DigitalXRAID to perform the Web Application Penetration Test to identify any security weaknesses and potential exploitable vulnerabilities.
Over several days, the DigitalXRAID team conducted comprehensive tests which assessed the web app from an unauthenticated and authenticated perspective, and determined whether the web app could be compromised.
DigitalXRAID used various CREST approved tools and techniques as part of the penetration test, in line with industry best practice. Testing was performed using an advanced testing methodology, comprised of years of experience and aligned closely with Open Web Application Security Project (OWASP) and Open-Source Security Testing Methodology Manual (OSSTMM) and other industry standards.
The team conducted comprehensive tests which assessed the web app from an unauthenticated and authenticated perspective and determined whether the web app could be compromised.
At the end of the testing period, DigitalXRAID supplied a comprehensive report, detailing the methodologies followed and highlighting and categorising any vulnerabilities found into low, medium, high and critical priorities. The report included a risk summary that explained how any vulnerabilities identified could be used by an attacker to affect the business.
To learn more about the full pen testing solution, read the full case study.
The Results
The results and report delivered at the end of the web app pen test have given the insurance group the advantage of proactively addressing any gaps, before potential vulnerabilities could be exploited by a malicious actor.
Having addressed the minor issues highlighted in the report, the company is confident that it is currently guarded against active threats from cyber criminals.
The next step in the insurance company’s cybersecurity journey is looking at Cyber Essentials certification, which will extend its commitment to excellence and security for its customers and partners.
If you would like more information on our managed service for penetration testing, get in touch with our team of experts today.
Protect Your Business & Your Reputation.
With a continued focus on security, you can rest assured that breaches and exploits won't be holding you back.
