Isle of Fortune

About the Client

The Isle of Fortune is an app developing company which develops gaming apps on android and ios platform.

The Challenge

The Isle of Fortune is a gaming app developing company located in Singapore. They needed to undergo an android and ios app penetration testing for the newly developed game which they plan to launch. Indian Cyber Security Solutions handed over the app penetration tester for performing black-box penetration testing on android, ios respectively.

The Solution

Indian Cyber Security Solutions was ready to perform the Web-based application penetration testing on their website. ISO 27001 lead auditor and Web Application Penetration tester were assigned to take up this challenge. The project was to be done in 3 stages and to be delivered within 15 working days.

The project was done in the following steps:

Stage 1:

The scope of work was defined by the client (Isle of Fortune). The gaming application details were shared with the app penetration tester. NDA (Non-Disclosure-Agreement) was signed between both the parties.

Stage 2:

During the application penetration testing our penetration tester was performed tool-based and manual based testing method and find out critical level vulnerabilities. During the attack simulation, our penetration tester Indian Cyber Security Solutions team was able to find out critical vulnerabilities like CSRF (Cross-Site request forgery) and SQL injection. Some medium level vulnerabilities also found by the Indian Cyber Security Solutions team.

Stage 3: Rectification as per suggestion

The 3rd stage which is the most important stage of the project as the client was suggested the rectification from Indian Cyber Security Solutions. The Isle of Fortune was able to rectify the vulnerabilities and were asked their android app developing a team to patch up the vulnerabilities as per the suggestion of Indian Cyber Security Solutions.

Stage 4: Final Assessment and VAPT project submission 

Indian Cyber Security Solutions team was able to generate the VAPT report and handed over the document to the client along with the certificate. The client (Isle of Fortune) was satisfied with the services.

The Deliverable

The customized reports were provided to the Client as per their requirements the details are mentioned below:

  • Executive Presentation: Overview of the entire application, the vulnerabilities found and the recommendations were made to mitigate the threats identified on the software.
  • Detailed Technical Report: Detailed Technical Report has been generated on the basis of Proof-of-Concept, detailed exploitation of all the identified vulnerabilities.
  • Excel Tracker: Vulnerability tracker aimed at helping the IT assets owner keep track of the vulnerabilities, remediation status, action items, etc.

The Benefits

The benefits are discussed below by conducting thorough security tests and identifying the vulnerabilities:

  • Risk Benefits: Risk management of the issue by finding the vulnerabilities and recommended solutions with proven methods to enhance security.
  • Cost Savings: Indian Cyber Security Solutions suggested Risk mitigation measures are cost-effective based on the client's requirements.
  • Client Satisfaction: Web-Application Security Assessment was conducted with minimum interruption to identify security vulnerabilities, impacts, and potential risks.