Client Background
BelVEB BusinessHub is a platform included in the ecosystem of OJSC “Bank BelVEB”. It allows sellers and buyers to receive reliable information about each other, choose partners and goods, and conclude profitable secure transactions using the tools of BelVEB Bank and additional services provided by the platform.
Challenge
In order to test and improve the ability of the web application to resist cyber attacks, VEBTECH had to identify all the security weaknesses of all components of the web application and reduce the risk of the misuse of network services.
Solution
To conduct high-quality complex testing of the web application and its components, VEBTECH penetration testers used OWASP and NIST methodologies. This approach allows you to identify the most important security flaws in the web application and its infrastructure, and provides detailed instructions on how to eliminate the detected vulnerabilities.
VEBTECH presented a solution that included:
• External and Internal penetration testing;
• Vulnerability Assessment: Detect all vulnerabilities in the target web server and application servers using well-known automated tools, develop custom tests, and manual instrumentation testing.
• Static analysis of source code for vulnerabilities and misconfigurations.
Results
• White-Box penetration testing with the provision of a detailed report containing the testing methodology, a description of vulnerabilities and configuration weaknesses that could be exploited by an attacker, a risk assessment and recommendations for eliminating or minimizing risks.
• Static analysis of the code for vulnerabilities and security flaws with the provision of a detailed report in the format of a developer's workbook.