EDR/XDR Solution
Patch Management as a Service
OT Security Services
Zero Trust VPN Access
PIM/PAM Solution
Managed SOC Services
Managed Data Loss Prevention
MDR Services
VAPT
Social Engineering Assessment
Red Team Assessment
Imperum
Global Manufacturing Industry
This is for Swedish multinational conglomerate that designs and sells ready-to-assemble furniture, and kitchen appliances and sells ready – to -assemble furniture.
Case Details
Clients: Global Manufacturing
Industry
Start Day: 13/01/2024
Industry: Manufacturing
Project Duration: 3 Years
Download Case Details
Download a detailed report on this case
Let’s Talk
Get in touch with a AiCyberWatch representative to see a demo or simply learn more about our products.
Project Scope:
This has recognized it needs to review its approach to cyber security to adapt to digital transformation and a rapidly evolving threat landscape. Customer processes a large amount of sensitive data, making it an attractive target for cybercriminals. It also worried that its security risk had increased due to the recently launched online portal and the increasing number of workloads being moved to the Public Cloud.
This customer wanted to rethink its approach to detecting vulnerabilities, so it recognized the need to conduct penetration testing of all its Web-facing IAAS, Applications and Internal Development applications to understand and address any vulnerabilities keeping in view the below points.
This Customer recognized that AiCyberWatch’s offensive security expertise would provide the necessary in-depth insight and further support its compliance with the Financial Data Conduct Authority and other relevant compliances.
Solution Approach (Overview of Team + Methodology):
Over the course of approximately 4 weeks, AiCyberWatch’s team of Certified and Accredited testers ran a series of tests to evaluate every element of customer’s network. We focused on finding out the extent to which hacker scan gain unauthorized access to OCI’s critical systems and data.
- Firewall review based on Industry best practices and methodologies
- Internal Infrastructure testing, External Infrastructure testing (assessing security from the perspective of a potential hacker)
- web application testing, build testing, configuration testing
- Conducting both on-site and remote tests simultaneously
AiCyberWatch team worked closely with customer Cyber Security Team to complete the process smoothly without impacting the business operations.
Outcomes and Deliverables:
The AiCyberWatch Team found various Systems and Development Servers with outdated operating systems like Windows 2012 and Windows 2016 as those systems are more vulnerable to security risks because they may lack the latest security updates and patches. This leaves the entire Infra open to cyber-attacks and malware infections that can compromise data. Further, all those systems were upgraded to the latest versions.
The AiCyberWatch team uncovered several threats overlooked by previous pen testing activities. These included default legacy protocols on the network that had not been updated & several weak configurations, including one set by a third-party vendor.
In order to maintain confidentiality, we will not be able to disclose details of customer name, locations, etc.