Case studies
If we are able to automate security and testing tooling, we can incorporate it at every stage of the agile cycle, and improve outcomes for security, test and the development teams.
talk to an expertWhen it comes to quality and security, people are your strongest asset—ours too. All of the outsourced team’s attention and effort is focused on the specific activities for which they were hired. This hyper-focus on specific stages in the quality assurance or security process leads to a more deliberately built pipeline which in turn increases revenue. Expertise leads to confidence, which leads to the trust of prospects, which leads to sales.
Case study: Improve and optimize the testing process
Building Test Architecture and Test Strategy in CRM project
Case study: The New Way of Working
The new development and testing strategy implementation in the financial project
Case study: Testing Management
In a management assessment the emphasis is mainly on leadership qualities. In this assessment the focus was on issues like independence, delegating and communication.
Case study: Automated testing
The most important factor that drives test automation is the short development cycle. Agile teams have only a few weeks to get a grasp of the requirement, make the code changes, and test the changes.…
Case study: Social engineering
Social engineering: it was possible to achieve persistent internal access, exfiltrate confidential and personal information, and compromise infrastructure.
Case study: Payment processing API penetration testing
Penetration test: complete compromise of the transaction processing API, which allowed to initiate unsolicited payments on behalf of other registered customers.
Case study: Web application compromise
This case is a very good example why manual penetration tests are valuable – the team achieved compromise without administrator access to the application, not using any known exploits or discovering injection/deserialization/other RCE flaws. The…
Case study: Internal adversary simulation
The adversary simulation activity allowed the security team to demonstrate a complete compromise path while not using any usual, “exploitable” vulnerabilities. Instead, the attackers relied on human factor, weak password policies and password reuse, service…
