A University's Trustees Board asked Elliott Davis to help answer, "Can you help us evaluate the security associated with our applications and web platforms?"
Context
- Needed assistance for ethical penetration and security tests to be conducted against ERP applications, integrated applications and infrastructure hosting these systems
- Wanted to evaluate security associated with HR/Finance/Student applications and the web hosting platform
- Requested testing to be performed remotely using automated and manual testing methods
Our Approach
- Identified use cases and systems testing
- Conducted ethical penetration and security testing against a mirror of production at predetermined times
- Penetration Testing based on the Penetration Testing Execution Standard (PTES) and NIST Special Publication 800-115 Technical Guide to Information Security Testing and Assessment
Customer Impact
- Received report of security vulnerabilities and recommendations improve the overall security
- Penetration testing identified what an attacker could do in the ‘real world’
- Developed understanding of current cyber risks associated with cyber attacks, data breaches, and other internal and external threats
We Can Help
For more information on this and other topics, contact a member of our team below.
The information provided in this communication is of a general nature and should not be considered professional advice. You should not act upon the information provided without obtaining specific professional advice. The information above is subject to change.
