Case Study-Cybersecurity

Recovering from a Security Breach

Powersoft19 was contacted by the CISO of a prominent European car manufacturer. The company had suffered an incident whereby all its emails had been treated as spam and blocked by many internet service providers and tier 1 carriers.
The cause was identified to be an open mail relay vulnerability on their mail server, which had been exploited by a spammer. The discovery of this vulnerability raised concerns over the integrity of previous penetration tests.

Challenge

An open mail relay vulnerability on the company’s mail server, exploited by a spammer, resulted in all company emails being blocked as spam by many internet services providers and tier-1 carriers.

Solution

Powersoft19 team conducted following tests:

  • Penetration testing against all external infrastructure at 3 primary city locations
  • Physical penetration testing
  • All public facing web applications’ testing using the functionality and public user levels
  • Social engineering in the form of spear phishing over the phone and in person
  • Encryption testing on stolen laptop and thumb drives

Results

Powersoft19’s comprehensive report recommended following measures:

  • Controlling access throughout the buildings via access cards
  • Setting up security cameras
  • Implementing an updated security awareness training program
  • Enhancing the policy control for distribution of passwords

Case Study-Cybersecurity

Enhancing Security with SIEM

Challenge

Setup and configuration of a SIEM solution to provide:

  • Overall enhancement of the organization’s security posture
  • Central monitoring
  • Security incident management for security and compliance needs
  • Operational processes set up to cover multiple cities
  • A SIEM solution with a dashboard and connectors for correlation, compliance, retention, log aggregation, and forensic analysis

Solution

  • Set up a suitable SIEM/SOC solution and processes
  • Assessed the requirements and defined a roadmap for product selection and design
  • Integrated the log sources, including servers, network devices, database, and applications to ensure complete coverage across multiple location
  • Defined security incident management processes and content in SIEM solution

Results

  • Streamlined log management
  • Fulfillment of compliance requirements
  • Rapid identification and response with centralized security incident management
  • Privileged user activity monitoring via integrated ‘Identity Management Solution’
  • Cost savings and a good ROI

Case Study – SMART

Remote Diagnoses and Configuration of Power Supply Device

SMART was developed for a hot start company in California, which is a division of a fortune 100 company. It offers an integrated configuration for businesses that require a pure, uninterrupted, on-site energy supply. SMARTS facilitate the remote diagnoses and configuration of power supply devices.

Challenge

The biggest challenge in developing SMART was to write “Standard Device Drivers” to communicate with power devices such as generator and UPS. Another challenge was to communicate with power devices remotely while using modem and Ethernet as a communication medium.

Solution

XML was used to standardize device drivers so that any device supporting Modbus protocol can use these drivers to communicate remotely.

Results

  • Automated diagnostic capabilities
  • Low level and detailed analysis of power devices
  • XML based device communication
  • Device independent (supports all Mod-bus devices)
  • Historical data for each device
  • Preventive maintenance
  • Time & Cost Savings
  • Device registers read and write capabilities

Case Study – Web Dimensions

Healthcare Industry for First Report of Injury of workers

Web Dimensions were developed for the US healthcare industry for First Report of Injury of workers. It supports different requirements for all 50 US states. The user can report injury and view/print report using his/her browser. This system was developed using Java, XML/XSL and Servlets technologies. This product is very flexible from configuration aspect. An XML based markup language is used to store the configuration of the database, connectivity, input forms, form validation rules etc. Several tools are being developed for this system so that it can be tailored to the specific needs of health care provider and/or government agencies.

Challenge

Major challenge was to design forms and display them on XML compatible and non-XML compatible browsers. At the time, when this project was developed, XSL was still evolving and there was no flexible visual ID to design complex forms.

Solution

For this project we developed different tools like XFL Cafe, a visual ID for designing forms, XFL Mapper for IE, a tool/component of Web Dimensions that converts the XFL to XSL, which confirms the IE standards, XSL, Viewer, a tool/component that helps users to view the First Report of Injury (form) using a non-XML browser, PDF generator, a Java application which is used on the server side and generates the PDF files from XML and XSL files by using the Acrobat Distiller.

Results

Insurers can use Web Dimensions to give their customers personalized, 24/7, secure, password-protected ability to report incidents over the Internet with simple point and click commands. Accurate information can be instantly transmitted via email for case management to TPA’s, insurance carriers and risk managers, enabling earlier effective action on claims.