About the client
A Polish company whose field of activity concerns designing and distribution of clothing. It is listed on the Warsaw Stock Exchange since 2001. It currently owns 5 clothing brands.
The challenge
Testing of the online store for the Client’s brand in terms of security, resistance and susceptibility to attacks that enable data leakage and are capable of affecting integrity of the system.
What we did
Within the project, specialists from Sii tested the system in terms of:
- SQL-injection type susceptibilities.
- Cross-Site Request Forgery – CSRF type susceptibilities.
- Cross-Site scripting – XSS type susceptibilities.
- Unnecessary resource and information leakage.
- Cookie files management.
- SSL / TLS encrypting.
- Access to the system of files.
- Password policy.
Work was carried out remotely from the level of the typical user of the online store and was finished by creating a comprehensive report from the tests, which included all discovered susceptibilities of the system and a number of practical recommendations, which helped to increase the security of the system.
Effects
On the basis of the provided report, Client considered all comments and recommendations and implemented appropriate protection within the system, thus increasing its security and resistance to attacks.
Дізнайтеся більше
