Security Audit and Vulnerability Assessment

The new application met the corporate security objectives when ScaleFocus’ team found and helped the development team to fix 22 potential security gaps with 8 of them being critical.

Business challenge

A leading global airline company had a new application. Because of the nature of the client’s business, the software had to be GDPR compliant with enhanced security capabilities for full protection of customers’ data. The company was in need of an in-depth security audit and a full vulnerability assessment.

Transformation

ScaleFocus’ security team was responsible for the audit and assessment of the application. Our experts provided a comprehensive report and valuable recommendations for the development team on how to fix the security gaps.

Achievements

Removing over 22 potential security gaps (8 of which - critical)

The cyber-defense capabilities of the application were enhanced

Real-time visibility of potential threats

Need to improve your security posture?

Business challenge story

Our client, a leading global airline company, had a newly developed application. Because of the nature of the services of the company, the client had to assess the security posture of the software. The application had to undergo a serious in-depth security audit and vulnerability assessment so that it can meet the company’s strict security objectives.

Also, the software had to be compliant with the GDPR and to prove that it’s secure enough to store customers' data.

The company needed an experienced security team to make the risk assessment and to provide comprehensive recommendations on how to deal with the security gaps.

Transformation story

ScaleFocus was hired to perform the extensive security audit and the in-depth scanning of the application. Our team conducted the audit and the assessment in line with the Open Web Application Security Project (OWASP) and Common Weakness Enumeration (CWE/SANS).

After that, our security team provided a comprehensive report with all the found security misalignments, vulnerability, and threats, such as SQL injection, cross-site scripting (XSS), open ports, unprotected directories, etc. The report contained extensive recommendations for the client on how to deal with the detected security gaps which were over 22, with 8 of them being critical. Based on our detailed report on the breaches and the area that needed improvement, the development team was able to fix them and make the app more secure and protected.

It was time for a second assessment. With it, our security team confirmed that the developers had successfully secured the application.

Achievements story

The security audit of the application was thorough and it successfully identified and helped secure the software. This resulted in the following benefits for the client:

  • Removing over 22 potential security gaps with 8 of them being critical
  • Real-time visibility of potential threats and the end-to-end vulnerability management process
  • The cyber-defense capabilities of the application were enhanced
  • Operational efficiency and ability to meet corporate security objectives even as threat level continues to rise and IT budgets continue to be optimized

About the client

The client is one of the leading worldwide airline companies with a global network of offices.