Informationssicherheit

Unsere Security Assessments Referenzen

Aufgrund der Art und Klassifizierung der Informationen denen wir im Rahmen unserer Aufträge bei Kunden einsehen, und den entsprechenden Geheimhaltungsvereinbarungen mit unseren Kunden, sind wir leider nicht in der Lage Kundennamen weiter zu geben. Das Dashboard und die folgende Liste zeigen jedoch die Branchen und den Umfang einiger unserer Social Engineering, Mobile, Web Applikation und Network Penetration Test Mandate. Diese variieren jeweils im Umfang und Komplexität: von wenigen Informationswerten bis zu Hunderten pro Projekt.

Penetration Test & Social Engineering Mandate Statistik

2001

Web Apps

48240

Informationswerte

450

Mobile Apps

129

WLANs

44200

Faktor Mensch

Mandate und Einsätze seit 2017

  • Insurance Company
    2023

    Web App Penetration Testing of a web server hosting multiple apps.


  • IT Services Company
    2023

    Penetration Test of a cloud performance monitoring solution.


  • Healthcare Company
    2023

    Secure Code Review & Web Application Penetration Test following a Greybox approach of a medical application.


  • Internet Service Provider
    2023

    External Network Penetration Testing of several applications and services exposed to the Internet.


  • Insurance Company
    2022

    Breach-Assumed Red Teaming Engagement of insurance company's Thai branches with main objective to discover attack paths leading to domain dominance while testing Blue Team detection & response capabilities.


  • Hospital
    2023

    Network Penetration Testing of 300+ internal assets such as servers, network & security devices, workstations, etc.


  • Software Development Company
    2023

    Web Application Penetration Test following a Greybox approach of an employee retention platform.


  • Electrical & Electronic Manufacturing
    2023

    IoT Security Assessment covering the entire ecosystem of connected door locks and cameras. The assessment included the firmware, wireless, network and physical security review of the IoT devices, Mobile and Web App Penetration Testing of customer apps and web portal, and a network penetration test of hubs and gateways.


  • Banking and Financial Services Company
    2023

    Red Teaming Operations fully focusing on the Get-In phase. The main objective of this engagement was to infiltrate the local network via social engineering and external penetration testing in a stealthy way.


  • Insurance Company
    2023

    Web App & Mobile App Penetration Test against an insurance customer portal. Vulnerability Assessment of several internet-facing assets.


  • Water & Energy Provider
    2023

    Major Security Assessment including multiple engagement such as Red Teaming, Penetration Testing of information assets, wireless networks, and web application, ICS Security Assessment, and more.


  • Investment Management
    2022

    Greybox Web Application Penetration Test of an investment portal icluding a Network Penetration Test of internal and internet-facing systems supporting the portal.


  • General Hospital
    2022

    Network Penetration Testing of 250+ internal assets such as servers, network & security devices, workstations, etc.


  • Electrical & Electronic Manufacturing
    2022

    Web App Pentest of a customer portal and e-commerce application.


  • Internet Service Provider
    2022

    External Network Penetration Testing of several applications and services exposed to the Internet.


  • Charity organization
    2022

    Penetration Test of an Internet Betting System.


  • Venture Capital & Private Equity
    2022

    Security Assessment composed of a Network Penetration Test for 5 critical assets, Vulnerability Assessment of the internal network, and Wi-Fi Pentest against corporate WLAN.


  • University
    2022

    External Network Penetration Test of various Internet-facing hosts, apps, and services


  • Central Bank / International Financial Institution
    2022

    Spear-phishing and mass email phishing simulation against 2500+ users as well as SMS phishing against 300 users.


  • General Hospital
    2022

    External Greybox Web Application Penetration Test for one Intranet web application Electronic Medical Record (EMR) as well as an internal Vulnerability Assessment against 100+ systems.


  • Banking and Financial Services Company
    2022

    Internal Vulnerability Assessment of a corporate network.


  • Financial Services & Payment processor
    2022

    Security Analysis of various binaries and executables.


  • Internet Service Provider
    2022

    Web App Penetration Test following a Greybox approach of five apps and API supporting our customer's daily business.


  • Financial Institution
    2022

    Internal Vulnerability Assessment of a corporate network.


  • Media Company
    2022

    Network Penetration Test and Vulnerability Assessment of various ICT assets such as servers, firewalls, routers, laptops, switches, printers, etc.


  • Software Development Company
    2022

    Web Application Penetration Test following a Greybox approach of an API that turns PDF documents into data as well as Network Penetration Test of several internet-facing systems and services located in Amazon Web Services (AWS).


  • Optical Products Company
    2022

    External Network Penetration Test of multiple internet facing information assets located in several countries in Europe.


  • IT Services Company
    2022

    Penetration Testing of a web defacement monitoring platform.


  • University
    2022

    Web App Penetration Testing of a job portal.


  • Software Development Company
    2022

    Web App Pentest of a CRM.


  • Financial Institution
    2022

    Greybox Web Application Penetration Test of App hosted on Azure that shows data on a spreadsheet with a form for creating and editing data.


  • Internet Service Provider
    2022

    Web App Penetration Test following a Greybox approach of five apps and API supporting our customer's daily business.


  • Marketing & Advertising Company
    2022

    Web App Pentest of an application hosting promotional mini-games.


  • Internet Service Provider
    2022

    Mobile & Web App Penetration Testing of a remote vitals monitoring solution interacting with medial IoT products.


  • IT Services Company
    2022

    Penetration Test & Configuration Review of internal resources.


  • Life Insurance Company
    2022

    Wireless Network Penetration Test of 3 corporate WLAN and one guest wireless network.


  • Machinery Manufacturing Company
    2022

    Web App Testing of a corporate website


  • Fintech Company
    2022

    Web Application Penetration Test following a Greybox approach of a crypto trading website.


  • Educational institution
    2022

    Web Application Penetration Test following a Greybox approach of a public user training and development program with login portal.


  • Government Agency
    2022

    Vulnerability Assessment and Penetration Testing of an environmental monitoring solution composed of a web application, several servers and remote terminal unit (RTU).


  • Outsourcing/Offshoring Company
    2022

    Red Teaming assessment with a first objective to discover technical vulnerabilities in thousands of internet-facing assets which could allow an attacker to get into our client's network. The second objective was to perform a full assessment of the on-premises and azure active directory to identify weaknesses which would lead to privilege escalation and domain dominance.


  • Banking and Financial Services Company
    2022

    Web & Mobile Application Penetration Test of an eBanking portal.


  • Financial Institution
    2022

    Network Penetration Test of several information assets such as web servers and database servers which support a business-critical web application


  • Internet Service Provider
    2022

    Network Penetration Test of an SFTP server.


  • Cyber Security & Software Company
    2022

    Whitebox Application Security Assessment composed of a Penetration Test and Secure Code Review of the web interface of a deep malware analysis & sandboxing platform


  • Insurance Company
    2022

    Web App Penetration Testing of a payment gateway.


  • Software Company
    2022

    Vulnerability Assessment of ICT assets exposed to the internet.


  • Insurance Company
    2022

    Web & Mobile Application Penetration Testing following a Greybox approach of an insurance customer portal.


  • Software Company
    2022

    Greybox Web Application Penetration composed of several mini-apps used to search, analyze, and extract unstructured data.


  • Gambling Facilities and Casinos
    2022

    Web & Mobile App Penetration Test of a Betting Customer Services Information System used by internal customer services staff to enquire sensitive information.


  • Banking and Financial Services Company
    2022

    Web Application Penetration Testing following a Greybox approach of 5 critical apps, Mobile App Security Assessment of 4 apps (both iOS and Android) and a major Network Penetration Test of 200+ internet-facing systems.


  • Offshore & Marine Property Infrastructure Investments
    2022

    Web application penetration test and mobile application security assessment followed by a Greybox approach for a real estate and property arm of a large MNC.


  • Real Estate Company
    2022

    Web Application Penetration Testing of a Properties Sales Brochure and Tenant Information Portal.


  • Real Estate Company
    2022

    Penetration Test of Mall Portal accessible as a Web App and a WeChat mini program.


  • Real Estate Company
    2022

    Secure Code Review of a 100'000+ Line of code PHP application


  • Investment Fund
    2022

    Security Assessment composed of internal and external vulnerability assessment and pentest.


  • Car Manufacturer
    2022

    Social Engineering Assessment using various phishing emails techniques such as website mirroring and email attachments for 2500 users


  • Insurance Company
    2022

    Web Application Penetration Test for multiple web application for entering insurance claim applications, Credit Insurance and Surety, broker portal, Self-Insurance Plans portal, etc.


  • Real Estate and Hospitality Management Company
    2022

    Vulnerability assessment and penetration testing of an Internet facing system for a resort and recreation club.


  • Multi-level marketing company
    2022

    Web Application Penetration Test following a Greybox approach of 60+ E-Commerce websites across the world.


  • Electrical & Electronic Manufacturing
    2022

    Internal & External Network Penetration Test of various IT assets.


  • Banking and Financial Services Company
    2022

    External VA of Internet-facing systems.


  • Government Agency
    2022

    Penetration Test followed by a Greybox approach of a thick-client application of intellectual property (IP) creation, commercialisation and management consultancy.


  • Gambling Facilities and Casinos
    2022

    Mobile App Penetration Test of an application providing information on football matches, live statistics, betting, live game watching, etc.


  • Gambling Facilities and Casinos
    2022

    Mobile Application Security Assessment of an application providing racing, football and mark six betting capabilities.


  • Financial Institution
    2022

    Penetration Testing of an SaaS solution hosted on Google Cloud used for KYC and Compliant onboarding and lifecycle management.


  • Insurance Company
    2022

    Greybox Web Application Penetration Testing for several applications such as agent portals, admin dashboards, call center systems, claim tracking app, etc.


  • Government-Owned Electricity & Gas Distribution Company
    2022

    Blackbox Web App Pentest of a corporate website.


  • Real Estate Company
    2022

    Security Assessment composed of an External Blackbox Web Application penetration test of a corporate website, Wireless Network Pentest of the main WLAN, and an vulnerability assessment of IFA assets and internal systems.


  • Cloud Communication Provider
    2022

    Pentest of an SMS gateway.


  • Insurance Company
    2022

    Breach-Assumed Red Teaming Engagement of an Indonesian insurance firm with main objective to assess defensive solutions, Blue Team's detection capabilities and response.


  • Nonprofit Organization (NPO)
    2022

    Web Application Penetration Test following a Greybox approach of an platform that supports trading of carbon credits.


  • Software Company
    2022

    Greybox Web & Mobile Application Penetration of an AI Chatbot.


  • Banking and Financial Services Company
    2022

    Vulnerability Assessment and Penetration testing of internal and externally reachable ICT assets of the Singaporean branch of a multinational banking company.


  • Insurance Company
    2022

    Web App Pentest of a claim submission customer portal.


  • Financial Services & Payment processor
    2022

    Mobile App Security Assessment of several iOS and Android apps mainly used for making payments and point of sales (PoS).


  • Gambling Facilities and Casinos
    2022

    Penetration Test of a Web Content Operation Support app.


  • Computer Manufacturing Company
    2022

    Red Teaming Operations and Attack Simulation Services for Taiwan-based manufacturer of notebook computers. The Red teaming operations consisted in finding attack paths in a stealthy way to break into the customer's network remotely. Our Red team used vulnerability identification & exploitation techniques as well as social engineering to break into the customer's network.


  • Property Management Company
    2022

    Web & Mobile App Penetration Test of various customer portals and applications.


  • Internet Service Provider
    2022

    Vulnerability Assessment of an shopping mall's ICT assets.


  • Software Company
    2022

    Vulnerability Assessment of publicly accessible services.


  • Property Management Company
    2022

    Web App Penetration Testing following a Greybox methodology of 8 web applications used by our customer from LMS, user access review apps, treasury management portals, ticketing systems, etc.


  • Investment Fund
    2022

    External Network VAPT of several publicy reachable hosts.


  • Property Management Company
    2022

    Penetration Testing of an Microsoft Power BI app.


  • Healthcare Company
    2022

    Web Application Penetration Test following a Greybox approach of an e-commerce application.


  • Social Service Organization
    2022

    Mobile & Web Application Penetration Test of an internal portal supporting our customer's daily work.


  • Internet Service Provider
    2022

    Web App Testing of two eBusiness portals.


  • Software Company
    2022

    Greybox Web App Pentest of a Payroll solution.


  • International Airport
    2022

    Penetration testing of a corporate Symantec Endpoint Protection management server.


  • Government Agency
    2022

    Vulnerability assessment and penetration testing (VAPT) following a Greybox approach government agency security scanning station system.


  • Marketing Agency
    2022

    Vulnerability Assessment and Network Penetration Test of our customer's entire IT infrastructure.


  • Multi-level marketing company
    2022

    Web Application Penetration Test following a Greybox and Blackbox approach of an eBusiness portal which allows users to login, view events, news, blog etc. As well as administrative site Django and Marketing Admin.


  • Energy Provider
    2022

    Penetration test of an Enterprise Resource Planning (ERP) and Public Relation (PR) application.


  • Fintech Company
    2022

    Penetration Testing of an Asset Investment Platform.


  • Internet Service Provider
    2022

    External Vulnerability Analysis of multiple services hosted in Azure.


  • International Airport
    2022

    Internal Vulnerability Assessment of critical ICT assets.


  • Charity organisation
    2022

    Pentest of a Chatbot app.


  • International Airport
    2022

    Penetration testing of a application allowing airport users to provide feedbacks.


  • Banking and Financial Services Company
    2022

    Web App Penetration Testing with a Greybox approach of an eBanking solution including a Network Penetration Test of the backend (web servers, database, etc.).


  • Software Company
    2022

    Penetration Testing of a Field Service Management Software.


  • Fintech Company
    2022

    External Greybox Web Application Penetration Testing for Fintech Start-Up that helps customer pay to receive any payment via credit card without the need for a credit card terminal, website or payment gateway.


  • Software Company
    2022

    Pentest of an AI and deep learning-based video analytics solutions.


  • Internet Service Provider
    2022

    Network Pentest of 5 internal servers.


  • Government Agency
    2022

    Penetration Test of environment landscape of IP cameras.


  • Internet Service Provider
    2022

    Network Pentest of 25 internal servers.


  • Research Institute
    2022

    Penetration Test of a searchable online database to enable scientists to easily browse and search to identify and locate specialised research capabilities


  • Library
    2022

    Web App Penetration Test following a Greybox approach of an e-Library portal.


  • Insurance Company
    2022

    Pentest of a Restful API supporting our customer's daily business.


  • Cyber Security & Software Company
    2022

    External Network Penetration Test of hosts and services exposed to the internet.


  • Global Maritime Industry Group
    2022

    Network Penetration Test of the information assets and services hosted in cargo ship and merchant vessels.


  • Internet Service Provider
    2022

    Web App Pentest of a Call Center solution.


  • State-Owned Lottery
    2022

    Penetration Test of a Draw Operations Management System and its supporting infrastructure.


  • Fintech Company
    2022

    Greybox Web App Penetration Testing including a Mobile Application Security Assessment of Android and iOS apps of an e-Trading solution


  • University
    2022

    Vulnerability assessment and penetration testing for a fleet management system mobile application and web application.


  • Healthcare Company
    2022

    Greybox Web Application Pentest of multiple applications & APIs which streamlines the prior authorization process for all pharmacies and prescribers, optimize specialty pharmacy operations, prescription workflow, and overall patient management


  • Internet Service Provider
    2022

    Network Pentest of a Web Proxy solution.


  • Software Company
    2022

    Web Application Penetration Test following a Greybox approach of an Car sale portal.


  • Insurance Company
    2022

    Penetration Testing of three web applications used by insurance agents and insured users.


  • University
    2022

    Vulnerability assessment and penetration testing with a Blackbox approach for an University public commuting booking system by a land transport system integrator.


  • Insurance Company
    2022

    Pentest of an API allowing e-commerce platforms to sell real-time tickets.


  • Internet Service Provider
    2022

    Network Pentest of critical assets exposed to the worldwide web.


  • Software Development Company
    2022

    Pentest of a learning management system (LMS).


  • Insurance Company
    2022

    Web application penetration test followed by Greybox approach for a Global insurance company online web application.


  • Fintech Company
    2022

    Web App Testing of an data analytics dashboard.


  • Internet Service Provider
    2022

    Network penetration test for ISP's business unit to assess the security posture of their information assets.


  • Government-Owned Electricity & Gas Distribution Company
    2022

    Wireless Network Penetration Test on customer Wi-Fi network for a large energy distributor


  • Gambling Facilities and Casinos
    2022

    Pentest of an internal API.


  • Nonprofit Organization
    2022

    Pentest of a public website.


  • Gambling Facilities and Casinos
    2022

    Penetration Test of a Horse racing scheduling and management system.


  • Insurance Company
    2022

    Web App Pentest of a Claim management system.


  • Gambling Facilities and Casinos
    2022

    Web Application Penetration Test of an Expense management solution.


  • Software Development Company
    2022

    Mobile Application Security Assessment of a reward and loyalty program available via an iOS and Android application.


  • Banking and Financial Services Company
    2022

    Penetration Test of several servers and network devices.


  • Laboratory & Research Institute
    2022

    Pen-test of an application providing lateral flow test kits and PCR testing solutions for individuals and businesses, at home or via a test pod.


  • Software Development Company
    2022

    Web application penetration testing following a Greybox approach for a e-Govt services portal


  • Government-Owned Electricity & Gas Distribution Company
    2022

    Penetration Test of a payment management system.


  • Gambling Facilities and Casinos
    2022

    Assessment of an application used by casino members for facilities booking and member privilege services.


  • Government Agency
    2022

    Vulnerability assessment and penetration testing (VAPT) following a Greybox approach government agency security scanning station system.


  • Property Management Company
    2022

    Penetration Testing of a corporate website and CMS application.


  • Property Management Company
    2022

    Web application penetration test followed by a Blackbox approach for SAP cloud system.


  • Property Management Company
    2022

    Penetration Testing of an e-invoice web portal.


  • Marketing & Advertising Company
    2022

    Penetration Testing of the new corporate website of a well-known single malt Scotch whisky distilleries.


  • Banking and Financial Services Company
    2022

    Major Security Assessment composed of Network Penetration Testing for various critical ICT assets as well as Server Hardening and Configuration Review against CIS Benchmarks.


  • Insurance Company
    2022

    Blackbox Web App Pentest of a Travel Partial Refund portal.


  • Banking and Financial Services Company
    2022

    Conducting network penetration testing on various internal IT assets.


  • Multinational Pharmaceutical Company
    2022

    Pentest of a patient program to build relationship and offer discounts on their medicines for continuous treatments.


  • Multinational Insurance Company
    2022

    Major Security Assessment composed of Web and Mobile App Penetration Test against 100+ critical applications that are highly critical for our customer's daily business and that host sensitive information.


  • Government-Owned Electricity & Gas Distribution Company
    2022

    Penetration Test of an OEM e-Service application and Admin portal.


  • Asset Management Firm
    2022

    Conducting penetration testing on a corporate website


  • Fintech Company
    2022

    Web application penetration test of an API used for secure data exchange network between service provider and consumer.


  • Banking and Financial Services Company
    2022

    Mobile Application Pentest and secure code review of an app allowing consumers to manage credit, debit and prepaid cards conveniently and securely online.


  • Internet Service Provider
    2022

    Penetration Testing of two web apps supporting the creation of a submarine communications network


  • Research Institute
    2022

    Penetration Test of a expense portal.


  • Marketing & Advertising Company
    2022

    Penetration Testing of several dynamic websites used to sell products.


  • Fashion Designer and Manufacturer
    2022

    Greybox Web Application Penetration Testing of an app used for product warranty and return merchandise authorization management.


  • Retail Luxury Goods and Jewelry
    2022

    Penetest of an ERP and a Mobile Point-of-Sale (mPOS) Thick-Client app


  • Banking and Financial Services Company
    2022

    Web App Penetration Testing with a Greybox approach of an eBanking app, appointment scheduler solution, financial assessment portal, etc.


  • Internet Service Provider
    2022

    Conducting a penetration test against a Enterprise cloud based solutions for BCP and telecommuting users.


  • Government-Owned Electricity & Gas Distribution Company
    2022

    Pentest of an e-service portal allowing consumers to manage utilities account, track consumption, meter submission, bill preferences, etc.


  • Financial Institution
    2022

    Whitebox Application Security Assessment composed of a Penetration Test and Secure Code Review of a large crowdfunding platform offering PO Instant financing and Auto Invest.


  • Car Manufacturer
    2022

    Conducting two Social Engineering Assessment campaigns using website phising techniques targetting 2500 users.


  • Government Agency
    2022

    Whitebox Application Security Assessment composed of a Penetration Test and Secure Code Review of highly critical applications.


  • Financial Services & Payment processor
    2022

    Combination of Web Application and Mobile Application Penetration Testing for several apps such as eshops, evouchers, corporate website, payment processing applications, etc.


  • Banking and Financial Services Company
    2022

    Pentest of an application based on Salesforce.


  • Nonprofit Organization
    2022

    Web App Pentest of multiple applications such as Human Resource management solution, room booking portal, appointment scheduler, etc.


  • Fashion Designer and Manufacturer
    2022

    Greybox Web Application Penetration Test of a web shop selling watches, wallets, bags and accessories.


  • Property Management Company
    2022

    Major Security Assessment of a EV Charging Solutions comprised of web applications, mobile applications, API, multiple servers and cloud assets.


  • Financial Services & Payment processor
    2022

    Penetration testing of a web application and mobile app of a money transfer platform to conveniently send money 24/7


  • Software Development Company
    2022

    Assessment of an Accounts Receivable and Billing System


  • Multinational Accounting Firm
    2022

    Vulnerability assessment and penetration testing followed by Greybox approach web application testing for an online digital infrastructure for transactions between supply chain ecosystem partners.


  • Electricity Distributor & Regulator
    2022

    Web Application Penetration Test of ten vital web applications as well as a Vulnerability Assessment of 300+ internal assets.


  • Real Estate and Hospitality Management Company
    2022

    Web applicable penetration testing followed by Greybox approach for a recreational club and resort members portal


  • Investment Fund
    2022

    Email Phishing services targeting a total of 2000 users which included four email phishing campaigns leveraging several social engineering techniques such as phishing websites, typo squatting domains, malicious file downloads and file attachments


  • Retail Company
    2022

    Web Application Penetration Testing of 10+ eCommerce solutions.


  • Insurance Company
    2022

    Web & Mobile Application Penetration Testing following a Greybox approach of an insurance customer portal.


  • Transportation Company
    2022

    Web application penetration test with a Blackbox approach and mobile app security assessment on Android and iOS of a ride-hailing and carpooling application.


  • Government Agency
    2022

    Vulnerability assessment and penetration testing (VAPT) following a Greybox approach government agency security scanning station system.


  • Leading Manufacturers of Automobiles and Commercial Vehicles
    2022

    Social Engineering Assessment with Email Phishing targeting 1200 end-users


  • Fintech Company
    2022

    Mobile App Pentest of a Purchase Orders (PO) financing platform providing financing based on government-backed POs.


  • Electrical & Electronic Manufacturing
    2022

    Mobile Application Security Assessment of an iOS and Android based mobile point-of-sale (mPOS) including a Cloud Security Assessment of an AWS public cloud instance.


  • Banking and Financial Services Company
    2022

    Penetration Test of a business-critical web service as well as Network Penetration Test of several internal IT systems.


  • Banking and Financial Services Company
    2022

    Web Application Penetration Test following a Greybox approach of a Salesforce CRM portal which allows users to submit information about customers, view progress, upload documents, view/edit information and download forms in PDF, etc.


  • International Insurance Company
    2022

    Web and Mobile App Penetration Test across Asia-Pacific region for 70+ critical applications hosting that are highly critical for our customer's daily business and that host sensitive information


  • Fashion Designer and Manufacturer
    2022

    Greybox Web Application Penetration Test of a customer relationship management (CRM) app.


  • Company police and Security Services
    2022

    Blackbox Web Application Penetration Testing of two corporate websites.


  • Environmental Services
    2022

    Major Security Assessment composed of Web Application, Network, and Mobile Application Penetration Testing including a Cloud Security Assessment of a public facing electric charging station and fleet management environment.


  • Telecommunications company
    2022

    Greybox Web Application Penetration Testing of a Real-name Registration portal used by subscriber to register SIM cards.


  • Electricity Distributor & Regulator
    2022

    Web Application Penetration Test of ten vital web applications as well as a Vulnerability Assessment of 300+ internal assets.


  • Government Agency
    2022

    Whitebox Security Assessment composed of Greybox Web App Pentest and Secure Code Review of a global trade platform that facilitates the sharing of data between supply chain ecosystem partners, streamlining information flows through a common data highway by enabling data sharing in a trusted, secure and inclusive way.


  • Research Institute
    2022

    Web Application Penetration Test and Secure Code Review of internal assets and applications used researchers.


  • Electrical & Electronic Manufacturing
    2022

    IoT Security Assessment covering the entire ecosystem of connected Baby monitor. The assessment included the firmware, wireless, network and physical security review of the IoT devices, Mobile and Web App Penetration Testing of customer apps and web portal, and a network penetration test of hubs and gateways.


  • Motion Products & Control Systems Manufacturer
    2022

    Advanced Network Penetration Test composed of a reconnaissance phase which consisted in identifying Internet-Facing targets owned by the customer as well as vulnerability identification and exploitation phase against 150+ externally reachable systems and services


  • International Financial Services Provider
    2022

    Red Teaming Operations including the Get-In, Stay-In and Act phase. The main objective of this engagement was to infiltrate the local network, move laterally to establish persistency and obtain network dominance.


  • International Insurance Company
    2022

    Breach-Assumed Red Teaming Engagement with main objective to assess defensive solutions, Blue Team's detection capabilities and response.


  • Swiss Media Company
    2021

    Web App Penetration Test of a collection of websites providing news in different languages such as English, German, French, Italian, Spanish, Portuguese, Chinese, Arabic, Japanese and Russian.


  • Real Estate Company
    2021

    Mobile Application of an iOS and Android app used by real estate agents and clients.


  • Investment Management
    2021

    Wireless Network Penetration Test of a corporate WLAN and a publicly accessible Wi-Fi network. Vulnerability Assessment of all Internet-Facing and Internal IT assets.


  • International Airport
    2021

    Wireless Network Penetration Test of two corporate Wi-Fi networks.


  • Insurance Company
    2021

    Web Application Testing for an insurance policies management portal.


  • Government Agency
    2021

    Combination of a web application and network penetration test, secure code review, and server hardening & configuration review of a vehicle security scanning station system.


  • Stock Broker
    2021

    Email Phishing with Website Mirroring which consisted in sending a phishing email with the attempt to fool 100 users in providing sensitive information, such as username and password on a phishing website.


  • Cyber Security & Software Company
    2021

    Whitebox Application Security Assessment composed of a Penetration Test and Secure Code Review of the web interface of a deep malware analysis platform


  • Government-Owned Electricity & Gas Distribution Company
    2021

    Greybox Web Application Penetration Test of web portal for green energies.


  • Banking and Financial Services Company
    2021

    Web App Pentest of a credit consumption app.


  • University
    2021

    Web Application Penetration Test following a Greybox approach of three public facing portals


  • Banking and Financial Services Company
    2021

    Network Penetration Testing of servers, network devices, and security equipment.


  • Cloud Hosting Company
    2021

    Web application and network penetration test on one Surveillance Video Management System for local transportation authority use


  • Real Estate Company
    2021

    Network penetration test for one of largest Estate and Property Management company to assess the security posture of their information assets


  • Software Development Company
    2021

    Web application and network penetration test on one Surveillance Video Management System for local transportation authority use


  • Investment Management
    2021

    Web Application Penetration Testing of a Quality Management System and two customer portals.


  • Charity company
    2021

    Penetration Testing of an Oracle Supplier Portal used by suppliers to manage their contact information, business details, bank account and upload billing information.


  • Software Development Company
    2021

    Web Application Penetration Test following a Greybox approach of an eBusiness portal which allows users to submit, update events, activities, and training info.


  • General Hospital
    2021

    Phishing simulation campaign targeting 750 employees including a Voice Phishing simulation against 50 users.


  • Charity company
    2021

    Penetration Test of a Human Capital Management System (HCMS)


  • Law Academy Organization
    2021

    Web Application Penetration Test of two portals for legal research, information, and transactions


  • Banking and Financial Services Company
    2021

    Network Penetration Test of a laptop staged with a hardened image.


  • Information Technology & Services
    2021

    Vulnerability Assessment of internal assets.


  • Information Technology & Services
    2021

    Web App Penetration Test of a lottery and gaming app


  • Banking and Financial Services Company
    2021

    Web Application Penetration Test of a banking app and corporate website. Network Penetration Testing of various internal and internet facing servers, network devices, and security equipment.


  • Association
    2021

    Web App Penetration Test of a corporate website


  • Software Development Company
    2021

    WAPT with Greybox approach of a portal which allows investigators and field operators to expedite the intelligence cycle and extend critical information to users


  • Healthcare Company
    2021

    Email Phishing services targeting a total of 8500 users which included four email phishing campaigns leveraging several social engineering techniques such as phishing websites, typo squatting domains, malicious file downloads and file attachments


  • Software Development Company
    2021

    Red Team Operations and Threat Emulation Services following a Breach-Assumed scenario which consisted in emulating a malicious insider with standard privileges. The main objective was to identify if sensitive information can be discovered and exfiltrated as well as if the internal security team is able to detect our traffic & attacks.


  • Software Development Company
    2021

    Greybox Web App Penetration Testing of a Continuous Integration and Delivery (CI/CD) application. Red Teaming engagement with main objective defined during the engagement was to access and exfiltrate sensitive data and assess the customer security operations center’s capability to detect our attacks.


  • Private Holding Company
    2021

    Web Application Penetration Test of several web portals and business applications including a Network Penetration Test of 70 IT assets.


  • Multinational Insurance Firm
    2021

    Web App Pentest of a retail platform.


  • Furniture Retail Company
    2021

    Penetration Test of a Member Management Web App and a WeChat mini program.


  • Real Estate Company
    2021

    Server Hardening & Configuration Review of an Office365 (O365) instance against security best practices


  • E-Learning Company
    2021

    Mobile Application Security Assessment of an Android and iOS online learning application that helps school students improve their academic performance through personalization and innovation.


  • Government-Owned Electricity & Gas Distribution Company
    2021

    Greybox Web Application Penetration Test of a critical application.


  • Financial Services
    2021

    Web & Mobile Application Pentest of multiple internet-facing apps.


  • Nonprofit Organization (NPO)
    2021

    Penetration Testing of an E-Voting system.


  • Private Banking Company
    2021

    Web & Mobile App Penetration Test of three banking applications.


  • Investment Holding Company
    2021

    Major Security Assessment including multiple engagement such as Penetration Testing for seven web business critical web applications and WeChat mini-apps, Mobile App Pentest of an iOS and Android app which allows access to latest offers, earn points, and redeem rewards through our customer's loyalty program, and two phishing simulations targeting 1000 users each.


  • Investment Management
    2021

    Vulnerability Assessment and Network Penetration Test of several 300+ IT assets


  • Import & Export Company
    2021

    Penetration Test of two web portals.


  • Financial Services
    2021

    Web & Mobile Application Pentest of an application allowing users to apply for loans, withdrawal and make payments within the app, and more.


  • Software Development Company
    2021

    Web App Pentest of a Talent Acquisition and Hiring application leveraging predictive analytics and AI.


  • E-Commerce and Web Development Company
    2021

    Blackbox Web Application Penetration Test of an OpenCart - Open-Source Shopping Cart Solution.


  • Banking and Financial Services Company
    2021

    Greybox Web App Penetration Test of a Human Resource Management App.


  • International Airport
    2021

    Web Application Penetration Test of an API serving multiple purposes.


  • Financial Services
    2021

    Vulnerability Assessment and Network Penetration Test of our customer's entire IT infrastructure.


  • Insurance Company
    2021

    Major Security Assessment including multiple engagement such as Penetration Testing for Internet-Facing systems and several web applications, Server Hardening and Configuration Review for servers, and Network Penetration Test for critical systems.


  • Banking and Financial Services Company
    2021

    Mobile Application Penetration Test of a Banking mobile app.


  • Human Resource Consulting Company
    2021

    Greybox Web App Penetration Test of two HR applications.


  • Multinational Insurance Firm
    2021

    Mobile Application Penetration Test of an app allowing users to purchase insurance policies, initiate claims, schedule appointment, request prescription refills, and more.


  • Government Agency
    2021

    Combination of a web application and network penetration test, secure code review, and server hardening & configuration review of a vehicle security scanning station system.


  • Educational institution
    2021

    Web App Pentest of two web portals used by partners and students.


  • Marketing & Advertising Company
    2021

    Web Application Penetration Test following a Blackbox approach of a public informational corporate website and Greybox test of a client web portal.


  • Ophthalmic Optics Manufacturer
    2021

    Application Penetration Testing of a web ordering system.


  • Food Processing Company
    2021

    Greybox Web Application Penetration Test of a critical application and API.


  • Banking and Financial Services Company
    2021

    Penetration Test of a Banking web application and its IT infrastructure.


  • University
    2021

    Web Application Penetration Test following a Blackbox approach of 20+ internet facing applications supporting our customer's business such as corporate website, student & teacher portals, sign-up app, etc.


  • Electricity Distributor & Regulator
    2021

    Web Application Penetration Test of ten vital web applications as well as a Vulnerability Assessment of 300+ internal assets.


  • Environmental Services
    2021

    Vulnerability Assessment and Network Penetration Test of our customer's entire IT infrastructure.


  • Government Agency
    2021

    Web Application Penetration Test following a Blackbox approach of a public informational website for alternative dispute resolution services.


  • Fintech Company
    2021

    Greybox Web Application Penetration Test of an Accounts Payable Automation Software.


  • Financial Institution & Credit Counseling Services
    2021

    Threat-Intelligence-led Red Teaming composed of the Get-In, Stay-In, and Act phase with the objective of mimicking real-life cyber adversaries to simulate an attack with data exfiltration followed by ransomware. The main objective was to assess both cyber defenses and technologies but also the Blue Team monitoring the security infrastructure.


  • Financial Services
    2021

    Web Application Penetration Test of a Forex trading website.


  • Financial Services & Payment processor
    2021

    Greybox Web Application Penetration Test of 4 applications including customer portals, administration, and back-office portals.


  • Insurance Company
    2021

    Web Application Penetration Test following a Greybox approach of an eBusiness portal which allows employees to submit/view information, download forms in PDF, etc.


  • Banking and Financial Services Company
    2021

    Network Pentest of four critical servers.


  • Financial Services & Payment processor
    2021

    Social Engineering Assessment composed of four Voice Phishing (Vishing) campaigns targeting 50 users each.


  • Software Development Company
    2021

    Penetration Test of an e-Commerce website.


  • Multinational Pharmaceutical Corporation
    2021

    Web App Pentest with a Greybox approach of a patient portal allowing users with chronic diseases to follow all medical recommendations related to drug treatment.


  • Government Agency
    2021

    Web App Pentest of a Chatbot, an FAQ website, and a e-Citizen portal providing information about all government services


  • Financial Services
    2021

    Web Application Penetration Test following a Greybox approach of a loan management system portal.


  • University
    2021

    Web Application Penetration Test of a Single Sign-On (SSO) system.


  • Insurance Company
    2021

    Web Application Penetration Test following a Blackbox approach of a corporate website


  • Internet Service Provider
    2021

    Web Application Penetration Test of the administration portal of a security solution providing advanced server security for physical, virtual, and cloud servers.


  • Electricity Distributor & Regulator
    2021

    Internal Network Penetration of various systems including servers, network, and security devices


  • Healthcare Company
    2021

    Whitebox Security Assessment including a Secure Code Review including, Web, and Mobile Application Penetration Test of a e-Health Check portal which allows users to submit health check status.


  • Insurance Company
    2021

    Web Application Penetration Test following a Greybox approach of a credit claim system


  • Government-Owned Electricity & Gas Distribution Company
    2021

    Penetration Test of a web application used by contractors and 3rd parties.


  • Insurance Company
    2021

    Web Application Penetration Test following a Greybox approach of an eBusiness portal which allows internal users to submit new applications, incidents, and requests, etc.


  • Financial Services Company
    2021

    Secure Code Review & Web Application Penetration Test following a web portal and its API.


  • Software Development Company
    2021

    Web Application Penetration Test following a Greybox approach of an API that turns PDF documents into data as well as Network Penetration Test of several internet-facing systems and services located in Amazon Web Services (AWS).


  • Government Agency
    2021

    Combination of a web application and network penetration test, secure code review, and server hardening & configuration review of a vehicle security scanning station system.


  • Electrical & Electronic Manufacturing
    2021

    Mobile Application Security Assessment of an iOS and Android based mobile point-of-sale (mPOS).


  • Software Development Company
    2021

    Greybox Web App Penetration Testing of the Board Portal application allowing their clients the governance of large and mid-sized corporations providing a useful and elegant interface for the portal.


  • E-Learning Company
    2021

    Web Application Penetration Test following a Greybox approach of an EMS Learning Management System composed of multiple mini-apps and web portals.


  • Real Estate Company
    2021

    Greybox Web App Penetration Testing of a chatbot and its administration interface.


  • Government-Owned Electricity & Gas Distribution Company
    2021

    Greybox Web Application Penetration Test of an Electric Vehicle (EV) Charging Management System.


  • Financial Services
    2021

    Network Penetration Test against several critical servers.


  • Banking and Financial Services Company
    2021

    Vulnerability Assessment services on targeted external and internal IP Addresses.


  • Information Company
    2021

    Penetration Test of a web-based order management system.


  • Luxury Goods & Jewelry
    2021

    Vulnerability Assessment of 1300+ Internet-Facing and Internal hosts.


  • Investment Management
    2021

    Vulnerability Assessment of 200+ workstations and laptops as well as a Network Penetration Test of several severs supporting our customer's daily operations.


  • Employment Agency
    2021

    Penetration Test of two web portals.


  • Internet Service Provider
    2021

    Network Pentest of Internet-Facing services.


  • Government Agency
    2021

    Penetration Test of a thick client used by assessors to review patent and trademark applications.


  • Internet Service Provider
    2021

    Network Penetration Test of a VPN gateway


  • Investment Management
    2021

    Social Engineering Assessment composed of one email phishing campaigns withwebsite mirror targeting 20 users


  • Retail Company
    2021

    Web Application Penetration Test following a Blackbox approach of a Private Corporate Procurement portal which allows clients to access & view products catalogue, pricing details and clients’ information.


  • International Airport
    2021

    Web Application Penetration Test of a community application


  • Government Agency
    2021

    Combination of a web application and network penetration test, secure code review, and server hardening & configuration review of a vehicle security scanning station system.


  • Lasers and Photonics Technology Supplier
    2021

    External Greybox Web Application Penetration Test for a Customer portal and its API


  • Internet Service Provider
    2021

    Blackbox Web App Pentest of an Communications Platform as a Service (CPaaS)


  • Electrical & Electronic Manufacturing
    2021

    IoT Security Assessment covering the entire ecosystem of connected Baby monitor. The assessment included the firmware, wireless, network and physical security review of the IoT devices, Mobile and Web App Penetration Testing of customer apps and web portal, and a network penetration test of hubs and gateways.


  • Multi-level marketing company
    2021

    Web Application Penetration Test following a Greybox approach of 40+ E-Commerce websites


  • Hospitality Company
    2021

    Blackbox Web Application Penetration Test of several customer portals


  • Cryptocurrency Exchange Company
    2021

    Greybox Web App Penetration Testing including Secure Code Review of a merchant web application used for crypto payments.


  • Electrical & Electronic Manufacturing
    2021

    IoT Security Assessment covering the entire ecosystem of Smart IP Cameras. The assessment included the firmware, wireless, network and physical security review of the IoT devices, Mobile and Web App Penetration Testing of customer apps and web portal, and a network penetration test of hubs and gateways.


  • Swiss Private Bank
    2021

    Threat-Intelligence-led Red Teaming engagement following a breach assumed scenario. The assessment had for objective to emulate the Tactics, Techniques, and Procedures (TTPs) of a specific Threat Actor in order to gain persistency by establishing a command & control communication, moving laterally, escalating privileges, with the objective to simulate a exfiltrate sensitive information.


  • Fashion Designer and Manufacturer
    2021

    Greybox Web Application Penetration Test of a customer relationship management (CRM) app.


  • Healthcare Company
    2021

    Greybox Web Application Pentest of multiple applications & APIs which streamlines the prior authorization process for all pharmacies and prescribers, optimize specialty pharmacy operations, prescription workflow, and overall patient management


  • Financial Services & Payment processor
    2021

    Intelligence-Led Penetration Test of an Banking & Finance Software solution


  • IT Company
    2021

    Blackbox Web App Pentest of an ERP system and corporate website


  • International Insurance Company
    2021

    Web and Mobile App Penetration Test across Asia-Pacific region for 50+ critical applications hosting that are highly critical for our customer's daily business and that host sensitive information


  • Leading Manufacturers of Automobiles and Commercial Vehicles
    2021

    Social Engineering Assessment with Email Phishing targeting 1200 end-users


  • Government Agency
    2021

    iOS and Android Mobile Application Security Assessment for an app allowing users to find and register to upcoming events in Hong Kong


  • Software Development Company
    2021

    Blackbox Web App Pentest of a Smart Learning Portal


  • Telecom Provider
    2021

    Greybox Web App Penetration Testing of the web user interface of a Cloud and IP-PBX


  • Software Development Company
    2021

    Web App Pentest of a virtual agents, conversational AI and smart chatbots platform


  • Government Agency
    2021

    Penetration Test of an e-services web portal allowing users to search and list Intellectual Properties


  • Fintech Company
    2021

    Penetration Testing of several Mobile and Web Applications supporting our customer's business such as corporate website, customer portal, sign-up app, etc.


  • IT & Software Consulting Firm
    2021

    Web Application Penetration Test following a Greybox approach of an app allowing users to building workflows in minutes


  • Car Manufacturer
    2021

    Vulnerability Assessment of Internet-Facing systems


  • Department Store Company
    2021

    System Hardening and Configuration Review of Microsoft Windows servers and computers as well as a FortiGate firewall


  • International Airport
    2021

    Web Application Penetration Test of an app providing templates for service provider to showcase their schedule in the airport's shopping mall


  • Government-Owned Electricity & Gas Distribution Company
    2021

    Web App Penetration Test following a Greybox approach of a business critical app


  • Charitable organization
    2021

    Web App Penetration Test of a Human Resource Management System


  • General Hospital
    2021

    Vulnerability Assessment of more than 2000 internal systems and hosts


  • University
    2021

    Web Application Penetration Test following a Greybox approach of an internal financial application


  • Fintech Company
    2021

    Penetration Testing of a peer-to-peer lending marketplace platform that provides retail investors with an easy and transparent way to invest in loans


  • Venture Capital & Private Equity
    2021

    Compromise Assessment targeting several users' emails and SharePoint access of Office 365


  • Insurance Firm
    2021

    Major Security Assessment including multiple engagement such as Vulnerability Assessment, Penetration Testing of information assets, wireless networks, and web application, social engineering with phishing emails, and more


  • Software Development Company
    2021

    Secure Code Review of an application developed in Java & C++


  • Law Academy Organization
    2021

    Greybox Web App Penetration Test of an e-service platform allowing users to deposit and search for will records


  • Insurance Company
    2021

    Web App Penetration Test of an intermediary sales portal, for salesperson to generate & view the reports


  • Security Services Provider
    2021

    Major Security Assessment including multiple engagement such as Penetration Testing for Internet-Facing systems and several APIs, Server Hardening and Configuration Review for servers, and a Secure Code Review for a business critical application


  • International Airport
    2021

    Wireless Network Penetration Test of a corporate WLAN and a publicly accessible Wi-Fi network


  • Banking and Financial Services Company
    2021

    Web Application Penetration Test following a Greybox approach of an E-banking / Online banking application


  • Software Development Company
    2021

    Web App Penetration Test of a chatbot platform designed for retailers and brands, which can automatically recommend products, provides customer service, and delivers personalized stories on all messaging platforms (including Facebook Messenger, WhatsApp, LINE, and WeChat for different regions)


  • Airline Company
    2021

    Web App Pentest following a Greybox approach of contact center platform hosted in AWS


  • General Hospital
    2021

    Phishing simulation campaign targeting 800 hospital staffs, employees and doctors with Coronavirus & COVID-19 themed phishing email


  • Healthcare Company
    2020

    Web Application Penetration Test following a Blackbox approach of a Backoffice/ headoffice system for performance development and review


  • Electricity Distributor & Regulator
    2020

    Web Application Penetration Test of a front end portal that is constructed using Liferay, a backend secured site developed using Angular/Java and several APIs


  • University
    2020

    Greybox Penetration Test of an application (and its APIs) allowing instructors to create and track students’ discussion board in the Telegram applications


  • Software Development Company
    2020

    Web App Penetration Test of an Ad management app


  • Software Development Company
    2020

    Secure Code Review of a license plate recognition application using OCR analytics


  • Healthcare Company
    2020

    Secure Code Review of a business critical application


  • Airline Company
    2020

    Penetration Test following a Greybox approach of an API server and multi-purpose endpoints


  • Law Academy Organization
    2020

    Web Application Penetration Test of a portal for legal research


  • Insurance Agency
    2020

    Blackbox Web Application Penetration Test for an insurance portal as well as a Vulnerability Assessment for 250 IP address internal and internet-facing assets.


  • Telecommunications company
    2020

    External vulnerability assessment for about 2000 IP addresses


  • IT Services and Support Company
    2020

    External network penetration test for 8 Internet-facing hosts


  • Real Estate Company
    2020

    External Blackbox Web Application penetration test for a web application aiming to help immigrants purchasing properties


  • Government-Owned Electricity & Gas Distribution Company
    2020

    Wireless Network Penetration Test on customer Wi-Fi network for a large energy distributor


  • Government-Owned Electricity & Gas Distribution Company
    2020

    Internal network penetration test for 600+ assets, most of which are web application servers, for a large energy distributor


  • Government Agency - Police Department
    2020

    Blackbox Web Application Penetration Testing of an internal web portal


  • Software Development Company
    2020

    Web App Pentest of a smart video interview software


  • Internal School
    2020

    External Network Penetration Test of various Internet-facing hosts, apps, and services


  • Healthcare Company
    2020

    External Greybox Web Application Penetration Test for one Conference Management System and WeChat mini program


  • Government-Owned Electricity & Gas Distribution Company
    2020

    Web Application Penetration Test of an internal web portal


  • Fashion Company
    2020

    Vulnerability Assessment targeting internal servers, computers, network and security devices in Singapore


  • International Insurance Company
    2020

    Greybox Web Application Penetration Test of web portals used by car dealers, insurance agents, and brokers


  • Software Development Company
    2020

    Web App Pentest of a single-sign on solution (SSO)


  • Insurance Company
    2020

    Blackbox Web App Penetration Test of a customer portal and claim management application


  • Banking Company
    2020

    Major Security Assessment comprised of Web and Mobile Application Penetration Testing as well as Network Penetration Test for 200+ Internet-facing assets and services


  • Multinational Insurance Firm
    2020

    Greybox Web Application Penetration Test of a payment solution


  • Government-Owned Electricity & Gas Distribution Company
    2020

    Web Application Penetration Test of an internal web portal


  • Software Development Company
    2020

    Web Application Penetration Test following a Blackbox approach of a platform to control and reduce administrative costs incurred by company employees


  • Government-Owned Electricity & Gas Distribution Company
    2020

    Web Application Penetration Test of a customer portal


  • Software Company
    2020

    Network Penetration Test of several externally reachable and internal information assets


  • Software Company
    2020

    Blackbox Web Application Penetration Testing of a complete and integrated API-enabled Training Management System


  • Photonics Company
    2020

    External Greybox Web Application Penetration Test for one Information Push Web Application which also includes an API


  • International Airport
    2020

    Web and Mobile Application Penetration Testing of an application used by an internal airport to provide information and notifications to the public such as airplane departures and arrivals, etc.


  • Fintech Company
    2020

    Blackbox Web App Pentest of a corporate website


  • Electricity Distributor & Regulator
    2020

    Internal Network Penetration Test of five information assets


  • Mass Transportation System
    2020

    Vulnerability Assessment of 40 information assets


  • Internet Service Provider
    2020

    Security Assessment to assess the security posture of a city-wide public Wireless infrastructure and composed of a Greybox Web Application Penetration Test for 6 apps and Network Penetration Test for several information assets


  • Cyber Security & Software Company
    2020

    Whitebox Application Security Assessment composed of a Penetration Test and Secure Code Review of the web interface of a deep malware analysis platform


  • Software Company
    2020

    Greybox Web App Pentest of an account payable management solution


  • Banking Company
    2020

    Vulnerability Assessment & Network Penetration Test of several internal and externally reachable assets


  • Commercial Bank
    2020

    Greybox Web App Pentest of a credit/debit card application, document submission & application status enquiry


  • Internet Service Provider
    2020

    Web and Mobile App Penetration Testing of a web-based live TV channels solution


  • IT Service Provider
    2020

    Intelligence-Led Penetration Testing & Red Teaming compromised of the Get-In, Stay-In and Act phase against the infrastructure and employees of an IT Service Provider. The Red Teaming engagement’s Get-In phase included both vulnerability identification and exploitation as a mean to break into the customer’s network but also advanced spear-phishing attacks against key employees. The main objective defined during the engagement was to access and exfiltrate sensitive data and assess the customer security operations center’s capability to detect our attacks.


  • Glove manufacturer & supplier
    2020

    ICS Security Assessment of the Operation Technology network


  • Shopping Mall
    2020

    Vulnerability Assessment & Network Penetration Test of several internal and externally reachable assets


  • Computer Emergency Response Team
    2020

    Web Application Penetration Testing of a corporate website which includes features to report incidents


  • University
    2020

    Web App Penetration Test following a Greybox approach of an e-Library portal allowing students to search for articles, e-books, and more


  • Leading Manufacturers of Automobiles and Commercial Vehicles
    2020

    Social Engineering Assessment with Email Phishing targeting 1200 end-users


  • Consumer Goods
    2020

    Web Application Penetration Test following a Greybox approach of an eBusiness portal which allows users to submit custom-made mobile phone purchases


  • Healthcare Company
    2020

    Network, Mobile & Web App Penetration Test of multiple business critical systems and apps hosting strictly confidential information


  • Outsourcing/Offshoring Company
    2020

    Internal Network Penetration Test for 15 live IP addresses, VLAN Segmentation Testing for 5 VLANs and wireless penetration testing for 4 SSIDs in two physical locations.


  • Swiss Media Company
    2020

    Web App Penetration Test of a collection of websites providing news in different languages such as English, German, French, Italian, Spanish, Portuguese, Chinese, Arabic, Japanese and Russian.


  • Energy supplier
    2020

    Network Penetration Testing for 7 Internet-facing assets


  • Insurance Company
    2020

    Web App Penetration Test of web portals used by insurance agents and insured users


  • Building Materials Store
    2020

    Network Penetration Testing of 15+ Internet facing hosts


  • Software Development Company
    2020

    Web App Penetration Test following a Greybox approach of a HR Talent Management application


  • Multinational Cosmetics Company
    2020

    Network Penetration Testing and Greybox Web App Penetration Test of a HR Management App


  • Software Development Company
    2020

    Penetration Testing of a Chatbot Web App


  • Food & Beverages Company
    2020

    Social Engineering Assessment composed of three email phishing campaigns with file attachment, file download and website mirror, each targeting 50 users


  • Multinational Insurance Firm
    2020

    Blackbox Web App Penetration Testing of an insurance renewal management feature


  • Electricity Distributor & Regulator
    2020

    Web Application Penetration Test of two vital web applications as well as a Vulnerability Assessment of 300+ internal assets.


  • Government-Owned Electricity & Gas Distribution Company
    2020

    Web Application Penetration Test of two vital web applications


  • Telecom Provider
    2020

    Web Application Penetration Test following a Greybox approach of a SIP-based IP telephone exchange system


  • Food Company
    2020

    Network Penetration Test of 300+ systems and information assets located in three different sites


  • Fintech Company
    2020

    Greybox Web App Penetration Testing including a Mobile Application Security Assessment of Android and iOS apps of an e-Trading solution


  • Government Agency
    2020

    Web App Pentest of a web portal allowing startups to register to a program aiming to assist in building connection, exploring markets, seeking partners and enhancing brand awareness


  • University
    2020

    Blackbox Web App Pentest of 8 web applications used by students, teachers, staffs, and the general public and ranging from corporate website, student portals, HRMS, informational websites, and more


  • Fintech Company
    2020

    Penetration Testing of an electronic billing SaaS platform reachable via a web application and API


  • Multinational Insurance Firm
    2020

    Web and Mobile App Penetration Testing of an application allowing people to purchase insurances against the most common critical illnesses


  • Insurance Company
    2020

    Mobile App Security Assessment of an Android and iOS car insurance app allowing insured users report a claim or road assistance, check claim status, track the repair, and more


  • Life Insurance Company
    2020

    Wireless Network Penetration Test of 3 corporate WLAN and one guest wireless network.


  • Government-Owned Electricity & Gas Distribution Company
    2020

    Web App Penetration Test of a Time Management app


  • Financial Services & Payment processor
    2020

    Web Application Penetration Testing of an e-Portal used by investors and backend application used for administration purpose


  • Government-Owned Electricity & Gas Distribution Company
    2020

    Web App Penetration Test of an application helping customers reduce their carbon footprint by supporting projects aimed at reducing GHG emissions


  • University
    2020

    Quarterly Vulnerability Assessment of 300+ assets split across 7 campuses


  • Political Party
    2020

    Penetration Testing of an informational public website


  • Multinational Pharmaceutical Company
    2020

    Internal Vulnerability Assessment of our customer's server zone


  • Electrical & Electronic Manufacturing
    2020

    Penetration Testing of a web portal


  • Computer Manufacturing Company
    2020

    Web Application Penetration Testing following Blackbox and Greybox approaches of three apps supporting our customer's business


  • Life Insurance Company
    2020

    Network Penetration Testing of multiple Internet-facing hosts and Vulnerability Assessment of internal information assets


  • Furniture Retail Company
    2020

    Penetration Testing of a web-based Inventory Management System


  • Software Development Company
    2020

    Mobile App Security Assessment of an Android app which allows any app developer to include a customized mini-app game center inside their app


  • Political Party
    2020

    Application Penetration Testing of a web-based and mobile user-interface of an educational app


  • Software Development Company
    2020

    Penetration Testing of an administration portal, web-based chatbot, and an FAQ app


  • Government-Owned Electricity & Gas Distribution Company
    2020

    Web App Penetration Test of a Customer Relationship Management (CRM) application


  • Ophthalmic Optics Manufacturer
    2020

    Application Penetration Testing of a corporate website as well as a web application allowing partners to manage financials, sales and marketing


  • Motion Products & Control Systems Manufacturer
    2020

    Advanced Network Penetration Test composed of a reconnaissance phase which consisted in identifying Internet-Facing targets owned by the customer as well as vulnerability identification and exploitation phase against 150+ externally reachable systems and services


  • Storage & Warehousing Company
    2020

    Penetration Testing of a customer portal


  • Research & Product Development Institute
    2020

    Web App Penetration Testing following a Blackbox approach of two web portals used by researchers


  • Security Vendor
    2020

    Benchmark of our customer's WAF solution by performing a Web App Penetration Test of a vulnerable application protected by the WAF. The assessment also consisted in sending various malicious payloads to the WAF and verifying which are blocked or allowed.


  • Nonprofit Organization
    2020

    Blackbox Web Application Penetration Test of a web portal allowing self-employed person to join an income relief scheme


  • Payroll Service Company
    2020

    Web App Penetration Testing of a payroll HR software allowing staffs to manage leaves, claims, and more


  • Insurance Company
    2020

    Mobile App Security Assessment of an Android and iOS car insurance app allowing insured users to earn a bonus, access to personal driving coach, get tips on how to improve driving skills as well as driving statistics, etc.


  • Transportation Company
    2020

    Greybox Web Application Penetration Testing of an externally reachable app containing sensitive data


  • Airport
    2020

    Network Penetration Test of several internet facing hosts and services


  • Government Agency
    2020

    Web App Penetration Testing of two public website providing information and promoting tourism of a city


  • Multinational Insurance Firm
    2020

    Pentest of a lead management solution used by insurance agents to generate, manage and track new sales opportunities


  • Multinational Insurance Firm
    2020

    Greybox web app PenTest of a direct purchase insurance portal for Whole Life insurance


  • Electrical & Electronic Manufacturing
    2020

    IoT Security Assessment covering the entire ecosystem of connected door locks and cameras. The assessment included the firmware, wireless, network and physical security review of the IoT devices, Mobile and Web App Penetration Testing of customer apps and web portal, and a network penetration test of hubs and gateways


  • Airline Company
    2020

    Mobile Application Penetration Test of an inflight and online shop as well as a performance tracking app which allows users to track real time sales performances against their set goals


  • Multinational Insurance Firm
    2020

    Greybox Web App Penetration Test combined with a Secure Code Review for an app allowing agents to purchase insurance packages


  • Asset Management Firm
    2020

    Breach-Assumed Red Teaming engagement composed of two scenarios. The first scenario consisted in emulating an authenticated attacker with physical access to the customer’s office premise such as a staff employed by cleaning company. The second scenario consisted in mimicking an attack, as a low-privileged domain user with access to the customer’s network. Given the two scenarios, the objective was to identify if an attacker could penetrate our customer’s defenses and gain unauthorized access to organization’s Domain Controller within the given timeframe.


  • Healthcare Company
    2020

    External Greybox Web Application Penetration Test for one Conference Management System and WeChat mini program


  • Real Estate Company
    2020

    External Blackbox Web Application penetration test for a web application aiming to help immigrants purchasing properties


  • Financial Services & Payment processor
    2020

    Major security assessment engagement consisting in the penetration test of 40 web apps and 5 mobile applications ranging from informational websites to critical application handling online payments for multinational commercial banks in order to satisfy PCI-DSS requirements


  • Online Library
    2020

    Greybox Web App Pentest of an online library


  • International Insurance Company
    2020

    Web Application Penetration test of an insurance broker platform


  • Healthcare Company
    2020

    Web App Pentest following a Greybox of multiple applications which streamlines the prior authorization process for all pharmacies and prescribers, optimize specialty pharmacy operations, prescription workflow, and overall patient management.


  • Government-Owned Electricity & Gas Distribution Company
    2020

    Greybox Penetration Test of a Thick Client


  • Public Agency Responsible for Critical IT Infrastructures
    2020

    Penetration Test by following a Blackbox approach of web application which provides secure access to radiology imaging data from multiple sources


  • Leading Manufacturers of Automobiles and Commercial Vehicles
    2020

    Web and Mobile Application Penetration Test combined of an app that aims to recognize, encourage and reward the performance of the car manufacturer's sales teams


  • Airline Company
    2020

    Mobile Application Penetration Test of an inflight and online shop as well as a performance tracking app which allows users to track real time sales performances against their set goals.


  • Software Development Company
    2020

    Blackbox Web App Penetration Testing of 3 Kiosk apps used in an international airport.


  • Ratings Agency
    2020

    Multiple Security Assessments such as Wireless Network Pentest of multiple internal WLANs, Web App Penetration Tests of a corporate site and customer portal, and Network Penetration Test of multiple Internet-Facing assets.


  • Electricity & Gas Distribution Company
    2020

    Penetration Testing of a Chatbot Web App.


  • Multinational Insurance Firm
    2020

    Secure Code Review and Greybox Web Application Penetration Test of a Single-Sign On (SSO) App.


  • Software Development Company
    2020

    Blackbox Web App Penetration Testing of a Volunteer Management System (VMS) and its administration portal.


  • Electrical & Electronic Manufacturing
    2020

    IoT Security Assessment of an IoT device which monitor in real time information such as temperature, flow rate, energy consumption.


  • Multinational Insurance Firm
    2020

    Web Application Penetration Testing of three Insurance portals used by consumers.


  • Internet Service Provider
    2020

    Major Security Assessment to assess the security posture of a city-wide public Wireless infrastructure and composed of a Blackbox Web Application Penetration Test for 6 apps and Network Penetration Test for 175+ information assets.


  • Online Stock Brokerage
    2020

    Multiple Cyber Security Assessments covering Mobile Apps, Web Application, and the Infrastructure of an online trading platform designed for investors to access international markets and build global investment portfolios.


  • Software Development Company
    2020

    Mobile App Security Assessment of an iOS and Android mobile app including a backend Web API allowing users to manage coworking and shared spaces.


  • Banking and Financial Services Company
    2020

    Blackbox Web Application Penetration Test of two eBanking apps.


  • Healthcare Company
    2020

    Web App Pentest combined with Mobile App Security Assessment of an app allowing users to access health benefits, locate nearby clinics, call a medical provider, and more.


  • University
    2020

    Web App Penetration Test following a Greybox approach of an Intranet portal.


  • Mass Transportation System
    2020

    Major Security Assessment including multiple engagement such as Vulnerability Assessment, Penetration Testing of information assets, Server Hardening and Configuration Review, and ICS Security Assessment of a tunnel ventilation & environment control system.


  • Electricity & Gas Distribution Company
    2020

    Wireless Network Penetration Test of 3 corporate WLAN and one guest wireless network.


  • Software Development Company
    2020

    Mobile App Penetration Test of a VoIP app for business


  • Healthcare Company
    2020

    Web App Pentest of a customer service software.


  • Medical Clinic
    2020

    Web Application Penetration Test of a website providing information about our customer's clinics and allowing users to book appointments.


  • Banking Company
    2020

    Network Penetration Test for 100+ internal as well as internet-facing assets. Email Phishing simulation targeting 100 users with malicious attachments.


  • Electricity & Gas Distribution Company
    2020

    Mobile App Security Assessment combined with a Web App Penetration Test of board management software.


  • Hospital
    2020

    Social Engineering Assessment which consisted in sending a phishing email with the attempt to fool 800 users in providing sensitive information, such as username and password on a mirrored website which look extremely similar as a real website.


  • International Airport
    2020

    Vulnerability Assessment of 75+ internal information assets.


  • Electricity Distributor & Regulator
    2020

    Web Application Penetration Test of two vital web applications as well as a Vulnerability Assessment of 300+ internal assets.


  • Cloud Solution Provider
    2020

    Network Penetration Test of several internal servers and network devices.


  • Banking Company
    2020

    Web Application Penetration Test of an eBanking app.


  • Multinational Insurance Firm
    2019

    Web Application Penetration Testing combined with Mobile Application Security Assessments of several apps used by our customer and its clients.


  • Healthcare Company
    2019

    Network Penetration Test of several information assets such as web servers and database servers which support a business-critical web application


  • Government-Owned Electricity & Gas Distribution Company
    2019

    Web Application Penetration Test following a Greybox approach of an eBusiness portal which allows users to submit new applications and requests, view progress, upload documents, view/edit applications and download forms in PDF, etc.


  • Insurance Company
    2019

    Penetration Test of an insurance customer portal.


  • Internet Service Provider
    2019

    Security Assessment package comprised of Web App Testing of a corporate website, external Network Pentest of several internet-facing hosts, Wireless Network Penetration Testing of a corporate WLAN and System Hardening & Configuration Review of a Microsoft Active Directory server.


  • International Airport
    2019

    Network Pentest of several internal assets of various type.


  • Software Development Company
    2019

    Mobile App Security Assessment of an app promoting mental health and happiness in companies.


  • Insurance Company
    2019

    Penetration Test of an on-premises file share and collaboration platform as well as web mail portal.


  • Leading Manufacturers of Automobiles and Commercial Vehicles
    2019

    Web Application Penetration Testing following a Blackbox approach of 30+ Internet-facing apps.


  • Insurance Agency
    2019

    Web App & Network Penetration Test of web server hosting multiple applications.


  • Private Bank
    2019

    Web Application Penetration Test of talent management / job application.


  • Software Development Company
    2019

    Penetration Test of a data integration Web API built to connect a variety of data sources and applications and perform analytics and ETL processes.


  • Software Development Company
    2019

    Security Assessment package comprised of Web Application and Network Penetration Test as well as a Secure Code Review


  • Government-Owned Electricity & Gas Distribution Company
    2019

    Pentest of an e-Kiosk allowing homeowners are able to apply and terminate their utility accounts.


  • Insurance Company
    2019

    Penetration Test of a life insurance web portal.


  • Multinational Pharmaceutical Company
    2018

    Internal Vulnerability Assessment of our customer's server zone.


  • Water & Energy Provider
    2019

    Web App Pentest of a smart metering application that provides data management capabilities, task flow engine and controlling smart meters of an entire city.


  • Multinational Insurance Firm
    2019

    Web App Penetration Test of a quotation issuance application.


  • Government Agency
    2019

    Internal Network Penetration Test of four servers.


  • Law Academy Organization
    2019

    Web Application Penetration Test of a portal for legal research, information and transactions


  • Insurance Company
    2019

    Penetration Test of an Insurance portal as well as its iOS and Android mobile app.


  • Cloud Solution Provider
    2019

    Web App Penetration Testing following a Greybox approach of a unified multi-bank trade finance portal.


  • Internet Service Provider
    2019

    Vulnerability Assessment of several assets spread across multiple sites.


  • Fashion Designer and Manufacturer
    2019

    Greybox Web Application Penetration Test of a customer relationship management (CRM) app.


  • Financial Services
    2019

    Internal Network Penetration Test of an Active Directory server


  • Insurance Company
    2019

    Penetration Test covering three web applications exposed to the Internet.


  • Electricity Distributor & Regulator
    2019

    Web Application Penetration Test of ten vital web applications as well as a Vulnerability Assessment of 300+ internal assets.


  • Government-Owned Electricity & Gas Distribution Company
    2019

    External Network Penetration Test of 100 assets.


  • Law Academy Organization
    2019

    Greybox Web App Penetration Test of an ePayment application


  • Multinational Insurance Firm
    2019

    Penetration Test of a web application allowing our customer's employees to create leads and quotes for life insurances.


  • Financial Services & Payment processor
    2019

    Social Engineering Assessment consisting of sending phishing emails to 400+ employees in order to trick users into providing username and password via a phishing website.


  • Insurance Company
    2019

    Security Assessment combining Wireless, Web, and Network Penetration Testing for various type of assets as well as two Social Engineering campaigns with email phishing targeting our customer's employees.


  • Software Development Company
    2019

    Web App Penetration Test following a Greybox approach of a HR Talent Management application.


  • Insurance Company
    2019

    Web App PenTest of five internet-facing applications as well as a network penetration test of 15+ internal and external assets.


  • Insurance Company
    2019

    Mobile & Web App Penetration Testing of multiple apps ranging from customer portals for insurance policy management to portfolio management.


  • Private Bank
    2019

    Web Application Penetration Test of a visitor management application


  • Logistics company
    2019

    Web App Pentest of multiple apps providing supply chain and global trade management, cloud-based messaging and collaboration platform, etc.


  • Electrical & Electronic Manufacturing
    2019

    Network Penetration Test of externally reachable as well as internal information assets.


  • Internet Service Provider
    2019

    Blackbox Web App Pentest combined with a Secure Code Review of a captive portal used to authenticate users when accessing a broadband wireless network deployed across an entire city.


  • Multinational Insurance Firm
    2019

    Web Application Penetration Testing of four Internet-facing web apps such as human resource app, data analytics tool‎, Insurance apps allowing policy holders to easily access policy details anytime, etc


  • Internet Service Provider
    2019

    Web and Mobile Application Penetration Test of 15+ apps supporting our customer's business.


  • Banking Company
    2019

    Web and Mobile Application Penetration Test of an app that features comprehensive trading, market monitoring on mobile platform.


  • Government Agency
    2019

    Wireless Network Penetration Testing of the main wireless network.


  • Software Development Company
    2019

    Mobile App Security Assessment of a cash register / Mobile Point-of-Sale (mPOS) running on iOS Apple iPad.


  • Software Development Company
    2019

    Web App Pentest of an informational website providing information about an event.


  • Internet Service Provider
    2019

    Vulnerability Assessment of 650+ Internal and Internet-facing information assets.


  • Insurance Company
    2019

    Web & Mobile Application Penetration Testing of 10 business critical internet-facing apps.


  • Global Gaming Hardware Manufacturing Company
    2019

    Penetration Test of a Thick Client giving access to advanced Gaming mouse options to rebind buttons, assign macros, personalize device lighting and more.


  • Multinational Insurance Firm
    2019

    Web Application Penetration Testing of four Internet-facing web apps such as mobile device management, web mail, insurance portal, etc.


  • Retail Banking Company
    2019

    Web and Mobile Application Penetration Test of an app offering car loans.


  • Amusement park
    2019

    Web App & Network Penetration Test of an eTicket application and its supporting infrastructure


  • Insurance Firm
    2019

    Web App Penetration Test following a Greybox approach of five apps and API supporting our customer's daily business.


  • Banking Company
    2019

    Network Penetration Test of six vital servers processing and storing strictly confidential information.


  • International Airport
    2019

    Web and Mobile Application Penetration Test of an app providing passenger with news, safety notices, procedures, airport information circulars, airside operations notices, etc.


  • Logistics company
    2019

    Network Penetration Test of 50 Internet facing assets such as FTP server, Mail server, Palo Alto Networks firewall, Citrix Portal, VPN gateway, Routers, etc.


  • Multinational Insurance Firm
    2019

    Web Application Penetration Testing combined with Mobile Application Security Assessments of several apps used by our customer and its clients such as Jira Service Desk, Agency Portal, Medical App connecting patients with TPAs, etc.


  • Financial Services
    2019

    Secure Code Review of a trading platform


  • Banking Company
    2019

    Web and Mobile Application Penetration Test of an app and its backend infrastructure used to provide fuss-free loans and cash advance facility.


  • Hospital
    2019

    Network Penetration Test of the Hospital's Internet-facing assets and services.


  • University
    2019

    Web & Mobile App Penetration Test following a Greybox approach of 4 web apps exposed to the Internet that enables students and faculty quick access to their class timetable, study guides, textbook, recorded lectures, narrated presentation materials and past year exam papers, etc.


  • University
    2019

    Blackbox & Greybox Web App Pentest of 25+ internal and internet facing apps such as procurement portal, ERP, Chatbot, Payment gateway, sourcing app, etc.


  • Insurance Company
    2019

    Web Application Penetration Testing of multiple Internet facing apps used by our customer and its clients.


  • Chocolate & Cocoa Products Company
    2019

    Network Pentest of several internally hosted and internet facing hosts.


  • Internet Service Provider
    2019

    Major Security Assessment comprised of Web, Network, and Wireless Network Penetration Testing as well as Secure Code Review of a large infrastructure.


  • Insurance Company
    2019

    Web App Penetration Testing of web portal allowing SME's to purchase commercial lines policies.


  • Financial Services
    2019

    Web & Mobile Application Pentest of multiple internet-facing apps.


  • Emergency and Crisis Management
    2019

    Mobile App Security Assessment combined with a Greybox Web Application Penetration Test of a cloud-based business application providing sophisticated tools to support enterprises in their Quality, Compliance, Training and Reporting Management.


  • Insurance Company
    2019

    Mobile & Web App Penetration Testing of a car insurance portal allowing insured users to check policy details, report a claim, request road assistance, etc.


  • Privat Bank
    2019

    Network Penetration Test of externally reachable as well as internal information assets.


  • Multinational Insurance Firm
    2019

    Penetration Test of several Internet-Facing web application used by our customers, brokers, and insured users.


  • Publisher
    2019

    Web App Penetration Test of a two apps supporting our customer's daily business.


  • Multinational Insurance Firm
    2019

    Web Application Penetration Test of an informational website providing information to the public about the insurance company.


  • Life Insurance Company
    2019

    Network Penetration Testing of the insurance's infrastructure exposed to the Internet.


  • Multinational Insurance Firm
    2019

    Web Application Penetration Testing of a newly developed portal


  • Government-Owned Electricity & Gas Distribution Company
    2019

    Web Application Penetration Test of an application allowing users to open an account


  • Software Development Company
    2019

    Web App Pentest of an Enterprise Resource Planning System (ERP)


  • Airline Company
    2019

    Web Application Penetration Test following a Greybox approach of an ordering portal supporting a web shop.


  • Zoo
    2019

    Network Penetration Testing of the Zoo's Internet facing assets as well as Wireless Network Penetration Test of the Zoo's corporate and guest WLAN.


  • Airline Company
    2019

    Web and Mobile Application Penetration Test of an inflight and online shop.


  • Chocolate & Cocoa Products Company
    2019

    Email Phishing Simulation targeting 80 employees as well as the execution of a Vulnerability Assessment covering all internal information assets.


  • Internet Service Provider
    2019

    Secure Code Review of a captive portal used to authenticate users when accessing a broadband wireless network deployed across an entire city.


  • Software Development Company
    2019

    Network Penetration Test of an Internet facing asset hosted in Amazon AWS.


  • Financial Services & Payment processor
    2019

    Mobile Application Security Assessment combined with a Web Application Penetration Test of a mobile app enabling contactless payment via Tap & Pay.


  • University
    2019

    Blackbox Web App Pentest of six web applications used by students, teachers, staffs, and the general public


  • Banking Company
    2019

    Network Penetration Test of three business critical servers


  • Information Technology & Services Company
    2019

    Web Application Penetration Test of an employee benefit solution allowing users to submit, view and track claims submissions.


  • Hospital
    2019

    Network Penetration Test of internal and internet facing information assets


  • Software Development Company
    2019

    Web Application Penetration Test of an app allowing you to create workflows in order to automate your business processes


  • Multinational Insurance Firm
    2019

    Web Application Penetration Testing following a Blackbox approach of a Personal Accident and Health Insurance web portal.


  • International Airport
    2019

    Web and Mobile Application Penetration Test of an app and its backend infrastructure used by airport passengers for flight information, wayfinding and recommendations on places to eat, drink, shop and explore at the airport.


  • Banking Company
    2019

    Wireless Network Penetration Testing of a corporate WLAN.


  • International Airport
    2019

    Secure Code Review of a Web Application used within a Kiosk to provide free internet access to passengers.


  • Datacenter Service Provider
    2019

    Web Application and Network Penetration Test of a CRM and Customer Portal


  • Multinational Cosmetics Company
    2019

    Network Vulnerability Assessment and Penetration Testing consisting in testing our customer internal and external infrastructure comprised of 8000+ assets across 15+ countries in Latin America


  • Financial Services & Payment processor
    2019

    Major project consisting in the penetration test of 30 web applications and 10 mobile applications ranging from informational websites to critical application handling online payments for multinational commercial banks.


  • International Airport
    2019

    Web and Mobile Application Penetration Testing of an application used by an internal airport to provide information and notifications to the public such as airplane departures and arrivals, etc.


  • International Airport
    2019

    Web Application Penetration Testing of an app used to make airport tour requests.


  • International Airport
    2019

    Application penetration test of a web and mobile app used to stay connected and communicate with end-users (e.g. share news, get feedbacks, etc.).


  • Internet Service Provider
    2019

    Wireless Network Penetration Testing as well as a Vulnerability Assessment of a wireless LAN reachable across an entire city


  • Social Service Organization
    2019

    Penetration testing as well as System Hardening and Configuration Review of a web application and its underlying components.


  • Software Development Company
    2019

    Penetration test of a lease management software for commercial real estate properties.


  • Multinational Insurance Firm
    2019

    Web Application Penetration Testing of a customer portal allowing customers to buy travel insurances.


  • Healthcare Company
    2019

    Major Security Assessment including multiple engagement such as Penetration Testing of several web and mobile application as well as secure code review for business-critical applications.


  • Government Agency
    2019

    Penetration test of a governmental web application used to share information to the public about parks, gardens and natural reserves.


  • Multinational Insurance Company
    2019

    Blackbox Web App Penetration Testing of multiple applications used by our customer, 3rd parties, and its customers such as customer portals, informational websites, document management systems, insurance brokers & underwriting agencies apps, etc.


  • Insurance Company
    2019

    Web Application Penetration Test of multiple critical web applications and web API.


  • University
    2019

    Network Penetration Test of several SFTP servers exposed to the Internet.


  • Insurance Company
    2019

    Greybox Web Application Penetration Testing of a customer portal providing access to contract-related documents, invoices, as well as allowing end-users to manage contracts online.


  • Shipping Management Service Provider
    2019

    Wireless Network Penetration Test of our customer's corporate WLAN.


  • Healthcare Company
    2019

    Web App Penetration Test of an app used to optimize specialty pharmacy operations, prescription workflow, and overall patient management.


  • Banking Company
    2019

    Web Application Penetration Test of critical web application


  • Optical Products Company
    2019

    External Network Penetration Test of multiple internet facing information assets located in several countries in the South-East Asia region.


  • University
    2019

    Greybox Web Application Penetration Test of an integrated, functional and chemical genomics-based high-throughput/high-content screening (HTS/HCS) platform.


  • Optical Products Company
    2019

    Greybox Web Application Penetration Test of an e-Commerce website.


  • Pension Fund
    2019

    Web App Penetration Test of an e-business platform with which members or partners of the pension fund can transmit electronic reports and retrieve data.


  • Insurance Company
    2018

    Penetration Test of a web application and thick client used as part of a unified communication solution.


  • Entertainment & Casino
    2019

    Major Security Assessment including multiple engagement such as Vulnerability Assessment, Penetration Testing of information assets, wireless networks, mobile, and web application, social engineering with phishing emails, and more.


  • Software Development Company
    2019

    Mobile App Penetration Test of a payment management mobile app and its backend web API used by end-users to get full overview of their payments, account balance, etc.


  • Government Agency
    2019

    Greybox Web Application Penetration Test of a sensitive web app.


  • Insurance Company
    2019

    Mobile Application Penetration Test of a mobile app and its backend web API that provides direct access to producer statements, production, policy inquiries, trainings, and more.


  • Electronics Manufacturer
    2019

    Combination of several cyber security assessments such as Social Engineering Assessment, Network, and Web App Penetration Test.


  • Heating & Ventilation Manufacturers
    2019

    Penetration Test of an online shop that allows end-users to purchase heating and air solutions with solar, heat pumps, biomass, oil, gas and district heating.


  • Insurance Company
    2019

    Wireless Network Penetration Test of our customer's corporate WLAN.


  • Insurance Company
    2019

    Greybox Web Application Penetration Testing of a cloud service built and managed by our customer.


  • University
    2019

    Greybox Web Application Penetration Test of multiple web applications supporting our customer's vision to use genomic sciences to improve public health and public prosperity.


  • Railway Company
    2018

    Greybox Web Application Penetration Test of an app that provides up-to-date information on public transport and provides personalized offers and packages for children and kids.


  • Healthcare Company
    2018

    Blackbox Web Application Penetration Test of a healthcare web application.


  • Law Academy Organization
    2018

    Blackbox Web App Penetration Test of an information legal news website.


  • Water & Energy Provider
    2018

    Major Security Assessment including multiple engagement such as Red Teaming, Penetration Testing of information assets, wireless networks, and web application, Social Engineering with USB drop and phishing emails, ICS Security Assessment, and more.


  • Retail Group
    2018

    Greybox and Blackbox Web Application Penetration Test of web shops owned by a holding group listed at Mexican Stock Exchange.


  • Insurance Company
    2018

    Web Application Penetration Test of multiple externally reachable web apps used by insured users.


  • International Airport
    2018

    Wireless Network Penetration Test of several WLAN networks and internal Network Penetration Test of the infrastructure supporting the wireless network.


  • Fashion Designer and Manufacturer
    2018

    Greybox Web Application Penetration Test of a web shop selling watches, wallets, bags and accessories.


  • Insurance Company
    2018

    Mobile Application Penetration Testing of an Android app and its backend providing medical services to our customer's users.


  • Payroll Service Company
    2018

    Network Penetration Test of a Citrix VDI Environment.


  • Maritime Industry Group
    2018

    Network Penetration Test of internal information assets


  • Social Security & Insurance Company
    2018

    Cyber Security Assessment which consisted in assessing our customer's defense against malware.


  • Financial Company
    2018

    External Network Penetration Test of multiple internet facing information assets.


  • Insurance Company
    2018

    Web Application Penetration Test of a complete HRMS system and Talent Management system built for effective human capital management.


  • Banking Company
    2018

    Web Application Penetration Test of an eBanking application and additional web apps used for daily business by our customer.


  • Swiss Media Company
    2018

    Web App Penetration Test of a collection of websites providing news in different languages such as English, German, French, Italian, Spanish, Portuguese, Chinese, Arabic, Japanese and Russian.


  • Social Security & Insurance Company
    2018

    Social Engineering Assessment which included four phishing email campaigns and targeting 100 users.


  • Insurance Company
    2018

    Blackbox Web Application Penetration Test of multiple applications.


  • Software Development Company
    2018

    Greybox Web App Penetration Testing of an event registration portal.


  • Banking Company
    2018

    Web Application Penetration Test of a risk case management application.


  • Oil and Gas Services Company
    2018

    Web app and Network Pentest for several assets that are reachable via the Internet.


  • Multinational Insurance Company
    2018

    Web Application Penetration Test of a chatbot.


  • Online Retail Company
    2018

    Penetration Test of an online shop.


  • Healthcare Company
    2018

    Blackbox Web Application Penetration Test of an application supporting our customer s business.


  • Software Development Company
    2018

    Greybox Web App Penetration Testing of the Board Portal application allowing their clients the governance of large and mid-sized corporations providing a useful and elegant interface for the portal.


  • Hospital
    2018

    Vulnerability Assessment and Penetration Test of our customer's public IP range.


  • Multinational Pharmaceutical Company
    2018

    Internal Vulnerability Assessment of our customer's server zone.


  • Internet Service Provider
    2018

    Greybox Web Application Penetration Test of a loyalty program application.


  • University
    2018

    Vulnerability Assessment of several critical information assets.


  • Electric Utility Company
    2018

    Blackbox Web App Penetration Test of an informational portal which allows visitors to view electricity plans, promotions, and sign up.


  • Electric Utility Company
    2018

    Greybox Web Application Penetration Test for a business-critical application.


  • Hospital
    2018

    Wireless Network Penetration Test of our customer Wi-Fi infrastructure used by staff members and doctors.


  • Software Development Company
    2018

    Secure Code Review of three business critical web applications.


  • Software Development Company
    2018

    Penetration Test of a payment management system.


  • Electricity Distributor & Regulator
    2018

    Web Application Penetration Test of height sensitive web applications as well as a Vulnerability Assessment of 300+ internal assets.


  • Energy Provider
    2018

    Web Application Penetration Test of a customer portal.


  • Healthcare Company
    2018

    Web Application Penetration Test of a web portal for employers who manage their company's health care, and which allows them to customize both the in-patient and out-patient components.


  • Multinational Insurance Company
    2018

    Internal and external Vulnerability Assessment and Penetration Testing (VAPT) targeting several assets.


  • International Fashion Retail Company
    2018

    Large scale internal Network Penetration Test of multiple subnets as well as external Network Penetration Test of our customer's public IP address range.


  • Energy Provider
    2018

    Web Application Penetration Test of an informational portal.


  • Human Resource Consulting Company
    2018

    Greybox Web App Penetration Test of an HRM application.


  • Information Technology and Services Company
    2018

    Web Application Penetration Testing of a document management system.


  • Banking Company
    2018

    Vulnerability Assessment and Penetration Test of several information assets exposed to the internet and reachable from our customer's network.


  • Hospital
    2018

    Social Engineering Assessment using various phishing emails techniques such as website mirroring and email attachments for 800 users


  • University
    2018

    Web Application Penetration Test of a web app allowing users to browse and buy scientific equipment.


  • Investment Fund
    2018

    Penetration Test of an internal application used to visualize and track financial transactions between our customer and a central bank.


  • Human Resource Consulting Company
    2018

    Blackbox Web App Penetration Test of an HRM application.


  • Global Maritime Industry Group
    2018

    Network Penetration Test of the information assets and services hosted in cargo ship and merchant vessels.


  • Insurance Company
    2018

    Web Application Testing for an insurance policies management portal.


  • Emergency and Crisis Management
    2018

    Penetration Test of an application used for collaboration among teams and provide modules such as auditing and quality, document management, customer relation management, messaging, etc.


  • Software Development Company
    2018

    Greybox Pentest of a Citrix VDI infrastructure which consisted in escaping the restricted environment, escalating privileges, and discovering what an attacker can do in the network.


  • Information Technology and Services Company
    2018

    Major Security Assessment which included a Network Penetration Test of our customer's public IP range, a network architecture review of their cloud service, and a post-compromise assessment which consisted in testing what could be done by an attacker once in the network.


  • University
    2018

    Quarterly Vulnerability Assessment of 300+ assets split across 7 campuses.


  • International Insurance Company
    2018

    Web and Mobile App Penetration Test across Asia-Pacific region for 50+ critical applications hosting that are highly critical for our customer's daily business and that host sensitive information.


  • Shipping Management Service Provider
    2018

    Network Penetration Test of our customer's public IP range.


  • Software Development Company
    2018

    Web Application Penetration Test by following a Greybox approach of an application which allows user and customers to manage courses and programs that are hosted by a University.


  • Energy Provider
    2018

    Network Vulnerability Assessment and Penetration Testing (VAPT) of critical servers.


  • University
    2018

    Web App Pentest for two applications hosting personal data as well as a large-scale Network Penetration Testing for all external and internal information assets.


  • Fashion Designer and Manufacturer
    2018

    Greybox Web Application Penetration Testing of an app used for product warranty and return merchandise authorization management.


  • University
    2018

    Penetration Test following a Greybox approach of a web app used by postgraduates.


  • Software Development Company
    2018

    Web App Testing of a learning management system (LMS).


  • Insurance Company
    2018

    Blackbox and Greybox Application Pentest for four web apps that are essential for our customers daily business.


  • Multinational Insurance Company
    2018

    Security Assessment comprised of an internal Blackbox Network Penetration and an Advanced Penetration Test of a Virtual Desktop Infrastructure (VDI) aiming at escaping a restricted environment and discovering what a malicious insider could potentially do.


  • Commercial Bank
    2018

    Penetration Testing of three AS400 servers.


  • Internet Service Provider
    2018

    Major Security Assessment project including Web Application Penetration Test for several externally reachable apps, Network Penetration Testing for critical assets, and topology analysis oriented security of a voice over IP environment.


  • Hospital
    2018

    Vulnerability Assessment of all the information assets connected to the hospital's network as well as Wireless Network Penetration Test of several WLANs used by doctors, staff, patients and IoT devices.


  • Insurance Company
    2018

    Web Application Penetration Test of an app that enables customers to find out more about our customer's financials offerings, from banking to insurance. Detailing all different options of services, available in the German, French, and Italian languages, the application allows users to select the best service to suit their needs, contact our customer, and know more about the company as a whole.


  • Ophthalmic Optics Manufacturer
    2018

    Penetration Test of a web application used by our customer's end-users to place order for lenses and frames. The application is also used by administrators for real-time order verification.


  • Law Academy Organization
    2018

    Blackbox Web App Pentest of a portal to showcase laws of different countries and foster judicial cooperation.


  • Maritime Transport Organization
    2018

    Pentest of two web apps as well as an external Network Penetration Test of multiple hosts.


  • Internet Service Provider
    2018

    Wireless Network Penetration Testing of a city-wide WLAN.


  • Private Bank
    2018

    External Network Pentest of multiple servers exposed to the Internet.


  • Card Manufacturer
    2018

    Internal Network Penetration Test of multiple business critical servers.


  • International Airport
    2018

    Web Application Penetration Test through web browser and mobile apps of a rewards program app. Host Configuration Review against CIS Benchmark and Internal Network Penetration Test of all intranet facing information assets supporting a Fraud Detection Solution.


  • Major Swiss Retail Company
    2018

    Advanced Penetration Test of all internet facing information assets, such as eCommerce/eShop web app, ERP system, file sharing services, VPN gateway, Email infrastructure, etc.


  • Hospital
    2018

    Wireless Network Penetration Test of a hospital s wireless infrastructure used by doctors, patient, and IoT devices.


  • Internet Service Provider (ISP)
    2018

    Network Penetration Test of various internet facing information assets.


  • Medical Laboratory Company
    2018

    Blackbox Penetration Test of a web API.


  • Software Development Company
    2018

    Greybox Web Application Penetration Test of a web app used by plastic surgeons and patients.


  • Healthcare Company
    2018

    Web Application Penetration Test of an application that optimizes specialty pharmacy operations, patient management, and prescription workflows.


  • Law Academy Organization
    2018

    Greybox Web Application Penetration Test for a human resource web application.


  • Large Internet Service Provider (ISP)
    2018

    Vulnerability Assessment of multiple information assets owned by several business units.


  • University
    2018

    Vulnerability Assessment of 300+ servers and network device information assets spread over 9 campuses.


  • Real Estate and Hospitality Management Company
    2018

    Penetration Test of internal networks, wireless infrastructure, and information assets exposed to the internet.


  • Internet Service Provider (ISP)
    2018

    Blackbox Web Application Penetration Test of 12 internet exposed web apps supporting our customer s business.


  • Multination Luxury Cosmetic Company
    2018

    Social Engineering Assessment with phishing emails for 6400 users.


  • Multinational Automotive Corporation
    2018

    Three email spear Phishing Assessments with website mirror /phishing website and malicious attachment for 60 users per campaign.


  • Healthcare Company
    2018

    Greybox Web App Penetration Test for five web applications supporting our customer s business.


  • Information Technology and Services Company
    2018

    Mobile Application Security Assessment for an Android and iOS app, as well as Greybox Web App Penetration Test for it associated web API.


  • Law Academy Organization
    2018

    Greybox Web Application Penetration Test for a human resource web application.


  • Healthcare Company
    2017

    Mobile Application Security Assessment for an Android and iOS app, as well as Blackbox Web Application Penetration Test associated with web service.


  • University
    2017

    Vulnerability Assessment of 300+ servers and network device information assets spread over 9 campuses, as well as Wireless Network Penetration Test of corporate and guest WLANs.


  • International Insurance Company
    2017

    Internal and external Network Penetration Test of more than 50 information assets.


  • Law Academy Organization
    2017

    Greybox Web Application Penetration Test of an application supporting our customer s business.


  • Health, Wellness and Fitness Company
    2017

    External Network Penetration Test of all information assets exposed to the internet for four datacenters in Singapore, Malaysia, and Indonesia.


  • Multinational Retail Company
    2017

    Web Application Penetration Test of an HR web app, as well as Network Penetration Test of all assets supporting the application.


  • Major Insurance Company
    2017

    Greybox Web Application Penetration Test for a large Swiss insurance portal.


  • Healthcare Company
    2017

    Mobile Application Security Assessment for an Android and iOS app, as well as Blackbox Web Application Penetration Test associated with web service.


  • Private Banking Company
    2017

    Internal Vulnerability Assessment of 500+ information assets and internal Network Penetration Test for one Lotus Notes server.


  • Software Development Company
    2017

    Greybox Web Application Penetration Test for an HR web-based software platform.


  • Hospitality Company
    2017

    Blackbox Web Application Penetration Test for a Hotel s booking web application.


  • Private Banking Company
    2017

    External Network Penetration Test of all internet facing information assets, which included firewall appliances, internet gateways, etc., as well as internal Vulnerability Assessment of several information assets.


  • Financial Company
    2017

    Greybox Web Application Penetration Test for multiple web apps supporting our customer s payment systems.


  • Insurance Company
    2017

    Greybox Web Application Penetration Test for a large Singaporean insurance portal.


  • Central Bank / International Financial Institution
    2017

    Blackbox Web Application Penetration Test covering a new feature of our customer s public website.


  • Insurance Company
    2017

    External Network Penetration Test of 10 information assets exposed to the internet.


  • Financial Company
    2017

    External Network Penetration Test of multiple internet facing information assets.


  • Software Development Company
    2017

    Secure Code Review of a stock trading app for web and mobile platforms (Android and iOS).


  • Insurance Company
    2017

    External Network Penetration Test for multiple applications and services facing the internet.


  • International Airport
    2017

    Advanced Penetration Testing that included internal and external Network Penetration Tests, as well as Web Application Penetration Test for the entire infrastructure landscape supporting airport check-in kiosks.


  • University
    2017

    Vulnerability Assessment of 300+ servers and network devices information assets spread over 9 campuses.


  • Law Academy Organization
    2017

    Greybox Web Application Penetration Test for one web application.


  • International Airport
    2017

    Host Configuration Review against CIS Benchmark and internal Network Penetration Test of all intranet facing information assets supporting a Fraud Detection Solution.


  • Insurance Company
    2017

    Greybox Web Application Penetration Test of an insurance policy management application.


  • Polytechnic University
    2017

    Greybox Web Application Penetration Test for one web app.


  • Payroll Service Company
    2017

    Network Penetration Test of a Citrix VDI Environment.


  • Insurance Company
    2017

    External Network Penetration Test for multiple hosts, as well as Greybox Web Application Penetration Test of a learning management system (LMS).


  • Software Development Company
    2017

    Blackbox Web Application Penetration Test for a Learning Management System (LMS)


  • Law Academy Organization
    2017

    Greybox Web Application Penetration Test for one app.


  • Future Commission Merchant & Broker Dealer
    2017

    Greybox Web Application Penetration Test of an e-Trading WeChat miniApp.


  • Multinational Pharmaceutical Company
    2017

    Secure Code Review and Greybox Web Application Penetration Test of an application hosting sensitive personal data used to manage double-blind studies.


  • Social Security & Insurance Company
    2017

    Internal and external Network Penetration Test of multiple information assets. Penetration Test of a VDI environment to simulating a malicious insider escaping restricted environment.


  • Real Estate and Hospitality Management Company
    2017

    Blackbox Web Application Penetration Test of 8 websites supporting our customer s business. Social Engineering Assessment composed of three phishing campaigns, each targeting 30 users.


  • Payroll Service Company
    2017

    Network Penetration Test of a payroll infrastructure.


  • Retail Company
    2017

    Greybox Web Application Penetration Test, including Mobile Application Security Assessment of an e-commerce platform.


  • University
    2017

    Greybox Web Application Penetration Test of five web applications hosting student information.


  • Software Development Company
    2017

    Greybox Web Application Penetration Test of a web API used by a cloud service offering accounting, invoicing and payroll management.


  • University
    2017

    Vulnerability Assessment of 300+ servers and network device information assets spread over 9 campuses.


  • Real Estate and Hospitality Management Company
    2017

    Large scale internal Network Penetration Test of multiple subnets. Operating system Configuration Review of several critical servers. Wireless Network Penetration Test of two WLANs.


  • Healthcare Company
    2017

    Secure Code Review of two applications used to provide access to health services.


  • International Insurance Company
    2017

    Greybox Web Application Penetration Test of a marine cargo insurance management application.


  • Hospital
    2017

    Wireless Network Penetration Test of a hospital s wireless infrastructure used by doctors, patients, and IoT devices.


  • Software Development Company
    2017

    Secure Code Review of a web API used by a cloud service offering accounting, invoicing and payroll management.


  • Hospital
    2017

    External Network Penetration Test of various information assets exposed to the internet.


  • Payroll Service Company
    2017

    Network Penetration Test of a human resource infrastructure.


  • Software Development Company
    2017

    Blackbox web application penetration test of a Learning Management System (LMS).


  • Private Banking Company
    2017

    External Network and Web Application Penetration Test of multiple external facing information assets and apps.


  • University
    2017

    Greybox Web Application Penetration Test of an app used by students to obtain information about campus life.


  • Healthcare Company
    2017

    Greybox Web Application Penetration Test of two applications used to provide access to health services.


    Top