See more projectsA Financial Blockchain-Based Software Testing Project

A Financial Blockchain-Based Software Testing Project

Financial Services
Customer rating
4.9
This ranking reflects our expertise and success
A Financial Blockchain-Based Software Testing Project

About the client

ING, a global bank and our customer, approached us when looking for a trusted vendor of penetration testing services. Andersen's goal was to provide QA coverage for financial Blockchain-based software.

Location:Netherlands
[object Object] on the map

Project overview

Performing penetration testing of the customer's web platform, infrastructure (including Wi-Fi networks), as well as code analysis for vulnerabilities.

duration2 months
technologies
Nessus
Acunetix
Checkmarx
dirb
dirbuster
nmap

Other:

THC Hydra, SQLmap

Concept illustration
The scope of the penetration testing done by Andersen

Challenges

The project is based on blockchain technology and has quite a lot of API integrations. The infrastructure is distributed between several countries. Also, the customer didn't have a test environment - the application was tested in a productive environment, agreeing on test times (when a load is the lowest) and using techniques that could cause a service crash or decrease in performance.

Project Results

Penetration testing revealed quite serious problems with arbitrary API calls without authorization, insecure account password changes, and insecure Docker infrastructure.

Let's talk about your IT needs

What happens next?

An expert contacts you after having analyzed your requirements;

If needed, we sign an NDA to ensure the highest privacy level;

We submit a comprehensive project proposal with estimates, timelines, CVs, etc.

Customers who trust us

SamsungVerivoxTUI

Let's talk about your IT needs