About the Client
NALCO (National Aluminium Company Limited) is a Navratna CPSE under the Ministry of Mines. NALCO is one of the largest integrated Bauxite-Alumina-Aluminium- Power Complex in the Country. This Company has registered sales offices in Delhi, Kolkata, Mumbai, Chennai and Bangalore and 9 operating stockyards at various locations in the Country to facilitate domestic marketing.
The Challenge
Web Application Penetration Testing
NALCO A GOVT. of India Enterprise located in Park Street, Kolkata which was facing Web-based application security challenge. They had to undergo a Web Application Penetration Testing to secure their website. Our Web Application Penetration Tester was asked to take up the challenge and secure the website by undergoing Web Application penetration testing.
The Solution
Indian Cyber Security Solutions was ready to perform the Web-based application penetration testing on their website. ISO 27001 lead auditor and Web Application Penetration tester were assigned to take up this challenge. The project was to be done in 3 stages and to be delivered within the stipulated time frame.
The project was done in the following steps:
Stage 1: NDA documents signed
The scope of work was defined by the client (NALCO). The layout of the web application was share with Indian Cyber Security Solutions. NDA documents (Non-Disclosure-Agreement) signed between both the parties.
Stage 2: Risk Management & Mitigation
The 2nd Stage of risk management and mitigation has started, evaluating the key assets involved in the web application. Few critical levels of vulnerabilities were found by Indian Cyber Security Solutions such as ‘SQL Injection’, ‘Blind SQL Injection’ and ‘Stored Cross-Site Scripting'.
Stage 3: Rectification as per suggestion
The 3rd stage which is the most important stage of the project as the client was suggested the rectification from Indian Cyber Security Solutions and the client had to patch up vulnerabilities as per the suggestion. The NALCO web Developers were able to find out solutions as per the suggestion mentioned by the Indian Cyber Security Solutions team.
Stage 4: Final Assessment and VAPT project submission
At the end of the working day, NALCO Web Developers had already patched the Critical level of vulnerabilities found by the Indian Cyber Security Solutions team. The final stage of vulnerabilities assessment had begun as the Indian Cyber Security Solutions team members had started retesting the web application as mentioned in the scope of work to find out all the critical level vulnerabilities which were found previously and were patched and no high or medium-level vulnerabilities prevail. Indian Cyber Security Solutions team was able to generate the VAPT report and handed over the document to the client along with the certificate. Indian Cyber Security Solutions team had again achieved and completed the assigned task within the stipulated time. Indian Cyber Security Solutions team had again shown high-quality professionalism by meeting up the deadlines and living up to customer's expectations.
The Deliverable
The customized reports were provided to the Client as per their requirements the details are mentioned below:
The Benefits
The benefits are discussed below by conducting thorough security tests and identifying the vulnerabilities:
Testimonial
"We are Very much satisfied with the service provided by the Indian Cyber Security Solutions team. They are a very dedicated team. We had a great experience with them. Meeting up the deadline is a rare talent that they have successfully achieved. We are looking forward to working more in the future with them "
- Sabyasachi Satpathy