Recovering from a Security Breach
Powersoft19 was contacted by the CISO of a prominent European car manufacturer. The company had suffered an incident in which all its emails were treated as spam and blocked by many internet service providers and tier-1 carriers. The cause was identified as an open mail relay vulnerability on their mail server, which had been exploited by a spammer. The discovery of this vulnerability raised concerns over the integrity of previous penetration tests.
An open mail relay vulnerability on the company’s mail server, exploited by a spammer, resulted in all company emails being blocked as spam by many internet service providers and tier-1 carriers.
The Powersoft19 team conducted the following tests:
- Penetration testing against all external infrastructure at three primary city locations
- Physical penetration testing
- Testing of all public-facing web applications at the functionality and public user levels
- Social engineering in the form of spear-phishing over the phone and in-person
- Encryption testing on stolen laptops and thumb drives
Powersoft19’s comprehensive report recommended the following measures:
- Controlling access throughout the buildings via access cards
- Setting up security cameras
- Implementing an updated security awareness training program
- Enhancing the policy control for distribution of passwords
Enhancing Security with SIEM
Setup and configuration of a SIEM solution to provide:
- Overall enhancement of the organization’s security posture
- Central monitoring
- Security incident management for security and compliance needs
- Operational processes set up to cover multiple cities
- A SIEM solution with a dashboard and connectors for correlation, compliance, retention, log aggregation, and forensic analysis
- Set up a suitable SIEM/SOC solution and processes
- Assessed the requirements and defined a roadmap for product selection and design
- Integrated the log sources, including servers, network devices, databases, and applications, to ensure complete coverage across multiple locations
- Defined security incident management processes and content in the SIEM solution
- Streamlined log management
- Fulfillment of compliance requirements
- Rapid identification and response with centralized security incident management
- Privileged user activity monitoring via integrated ‘Identity Management Solution’
- Cost savings and a good ROI
Case Study – SMART
Remote Diagnoses and Configuration of Power Supply Device
SMART was developed for a hot start-up company in California, which is a division of a Fortune 100 company. It offers an integrated configuration for businesses that require a pure, uninterrupted, on-site energy supply. SMART facilitates the remote diagnoses and configuration of power supply devices.
The biggest challenge in developing SMART was writing “Standard Device Drivers” to communicate with power devices such as generators and UPS units. Another challenge was communicating with power devices remotely over modem and Ethernet.
XML was used to standardize the device drivers so that any device supporting the Modbus protocol can use them to communicate remotely.
- Automated diagnostic capabilities
- Low-level, detailed analysis of power devices
- XML-based device communication
- Device independent (supports all Modbus devices)
- Historical data for each device
- Preventive maintenance
- Time & cost savings
- Device registers read and write capabilities
Case Study – Web Dimensions
Healthcare Industry for First Report of Injury of workers
Web Dimensions was developed for the US healthcare industry for the First Report of Injury of workers. It supports the differing requirements of all 50 US states. Users can report an injury and view or print the report from their browser. The system was developed using Java, XML/XSL and Servlet technologies. The product is very flexible in terms of configuration: an XML-based markup language is used to store the configuration of the database, connectivity, input forms, form validation rules, etc. Several tools are being developed for this system so that it can be tailored to the specific needs of healthcare providers and/or government agencies.
The major challenge was to design forms and display them on both XML-compatible and non-XML-compatible browsers. At the time this project was developed, XSL was still evolving and there was no flexible visual IDE for designing complex forms.
For this project we developed several tools:
- XFL Cafe, a visual IDE for designing forms
- XFL Mapper for IE, a tool/component of Web Dimensions that converts XFL to XSL conforming to the IE standards
- XSL Viewer, a tool/component that helps users view the First Report of Injury form using a non-XML browser
- PDF generator, a Java application used on the server side that generates PDF files from XML and XSL files using Acrobat Distiller
Insurers can use Web Dimensions to give their customers a personalized, 24/7, secure, password-protected ability to report incidents over the Internet with simple point-and-click commands. Accurate information can be instantly transmitted via email for case management to TPAs, insurance carriers and risk managers, enabling earlier effective action on claims.