Our client has developed a collaborative platform for gifting. It allows one to create an event (Birthday, anniversary, etc.) in which people can collectively contribute towards a gift fund. Friends, family and colleagues can get together online and collect funds that could be given as a gift, and the recipient would be issued with a VISA card for the same amount
• Follow security guidelines and ensure that the client personal details are protected
• Provide assurance to the other partnering organizations that the application is tested by a third party security vendor.
Client was able to remediate vulnerabilities based on the defined priorities guided by the real threats and complete the application roll out in the stipulated timeframe.
SecurBay studied the unique business model of the gifting platform, in order to understand the risks associated with the applications and with third party integration. A security test plan was developed with security test scenarios using the OWASP Top 10 and other leading attack scenarios as the base. Based on the approved plan, SecurBay conducted an Application Security Assessment activity and provided the company with assistance on security risk mitigation.