A Leader in Investment Research wanted to look beyond plain vanilla security testing services & wanted to holistically understand their security flaws.

Case study

A Leader in Investment Research wanted to look beyond plain vanilla security testing services & wanted to holistically understand their security flaws.

May 21, 2022 | By Accorian

Challenges

Understanding the real intent & desired outcomes of the CTO & CISO for the annual penetration testing assessment
Finalizing the scope of work after our session on our recommendations on assessments that can help in understanding holistic technical risk and signoff
Collection of pre-requisites especially secure handling of source code and planning timelines
Maintaining the operability of sensitive systems while completing our technical assessment

Recent Case studies

Article

This company continues to stay HITRUST certified and SOC 2 compliant with Accorian

HITRUST, SOC 2, & ISO 27001 To meet multiple compliance frameworks (HITRUST, ISO 27001, SOC 2) across various industries and geographies in less than a year. To create a single roadmap that covers both security and compliance. Furthermore, to manage regular updates of their audit cycle, policy procedures, and vulnerability management. This is to help speed up compliance and reduce friction.

Article

This is how we helped a B2B client improve their information security practices to control the availability of information, as well as enable confidentiality, and integrity that was critical to its business growth

ISO 27001 To meet the growing demands of their services, The client had implemented sophisticated technology assets for business operations, thereby increasing the organization's exposure to attacks on its IT, as well as business infrastructure. To overcome these situations the client had to place immense emphasis on the improvement of information security practices with regards to confidentiality, integrity, and availability of information within the company. For this, they hired Accorian to implement IT risk management processes, align internal privacy standards with international standards, and incorporate maturity in documentation.

Article

This B2B client in the Healthcare space needed to be able to scale vendor risk assessments with a trusted partner

VENDOR RISK ASSESSMENT The client needed to be able to scale vendor risk assessments within a short period and with a trusted partner. At the same time, healthcare organizations in their marketplace needed to feel comfortable with a 3rd party reviewing security assessments.

Article

This company needed to understand the impact of a targeted attack on the organization and emulate various threat actors.

Red Teaming The company has a mature security practice and conducts penetration tests regularly. These tests were mostly point in time exercises where the attacks were limited to the scope of the assessment. The company needed to understand the impact of a targeted attack on the organization and emulate various threat actors.

Article

A leading Fintech company partnered with Accorian to conduct a comprehensive security assessment to ensure attackers are kept at bay.

Service Brief Comprehensive Testing: Ensuring the right pre-requisites are captured & shared. As the APIs were very large & unique in their structure, the testing was manual along with a few automated scripts. Network Testing Coverage: The client was unsure of all their assets on the internet. Hence, we ran a preliminary scan to identify all their assets on the internet including Shadow IT. Maintaining business as usual for critical operations and the operability of sensitive systems while completing our technical assessment.

Case study