Tradejini Financial services pvt ltd.
Tradejini Financial Services Pvt. Ltd.
About the Client
Tradejini Financial Services Pvt Ltd. provides services for trading in Equity Delivery, Equity Intraday, Stock Futures, Stock Options, Currency Futures, Currency options, Commodity futures, Debt instruments traded on exchanges, Investments in Mutual funds, holding dematerialized financial instruments and trading in Exchange Traded funds.
Network Penetration Testing
Tradejini Financial Services Pvt. Ltd. was facing some Network challenges. Indian Cyber Security Solutions was asked to perform a white box network security audit on its internal office network. The challenge to the network security audit team of Indian Cyber Security Solutions was to perform the entire audit process within 7 working days.
Indian Cyber Security Solutions was ready to perform the network-based penetration testing on their internal office network security, ISO 27001 lead auditor and network engineers were assigned to take up this challenge.
The project was done in the following steps:
The Scope of work was defined by the client. The internal office network architecture and the layout of the network shared with Indian Cyber Security Solutions. NDA (Non-Disclosure-Agreement) was signed between both parties.
Their windows 7 operating system was not up to date. Some Zero-day vulnerabilities were founded by Indian Cyber Security Solutions in which MS17-010 was the major and high priority vulnerability by which the attacker can control their system through remote code execution. Some other critical and medium level vulnerability was also found.
The 3rd Stage is the most important stage of the project as the client has suggested rectification from Indian Cyber Security Solutions. Tradejini Financial Services Pvt Ltd. was asked to update their Windows 7 operating system into the latest version. As per the suggestion after the network security audit conducted by Indian Cyber Security Solutions. The Tradejini Financial services Pvt ltd. were able to update their system as per the suggestion mentioned by the Indian Cyber Security Solutions team.
At the end of the 6th working day, the Tradejini Financial services Pvt ltd. network system administrator had already updated the operating system suggested by the Indian Cyber Security Solutions team. The final stage of vulnerabilities assessment had begun as the Indian Cyber Security Solutions team members had started retesting the network architecture as mentioned in the scope of work to find out all the vulnerabilities which were found previously and the network system administrators were able to update their operating system. Indian Cyber Security Solutions team was able to generate the VAPT report and had handed over the document to the client (Tradejini Financial services Pvt ltd.) along with the certificate.
The customized reports were provided to the Client as per their requirements the details are mentioned below:
- Executive Presentation: Overview of the entire application, the vulnerabilities found, and recommendations were made to mitigate the threats identified on the software.
- Detailed Technical Report: Detailed Technical Report has been generated on the basis of Proof-of-Concept of all the identified vulnerabilities.
- Excel Tracker: Vulnerability tracker aimed at helping the IT assets owner keep track of the vulnerabilities, remediation status, action items, etc.
The benefits are discussed below by conducting thorough security tests and identifying the vulnerabilities:
- Risk Benefits: Risk management of the issue by finding the vulnerabilities and recommended solutions with proven methods to enhance security.
- Cost Savings: Indian Cyber Security Solutions suggested Risk mitigation measures are cost-effective based on the client’s requirements.
- Client Satisfaction: Network Security Assessment was conducted with minimum interruption to identify security vulnerabilities, impacts, and potential risks.