With the increasing number of remote workforces connecting an organization via internet from anywhere, it has also evolved as one of the toughest areas to secure, we need a lot of appliances like firewall, NAC, VPN etc. to secure it and even then, it is a major threat to the organizations.
Generally, VPNs are used for such connection to be secured, but it has lot of issues, such as it allows all connected users to access entire network, or else they have to use multiple VPNs to get connected which complicates the process further. Another issue is, if any VPN users’ credentials are compromised, it raises huge threat based on access level.
Depending upon the connection type, number of employees and locations, we provide solutions based on SDP (Software defined perimeter) and SD-WAN, that suits each requirement.
Since the pandemic, working remotely has become much more widespread worldwide. Although many people are returning to the workplace now, many experts predict that even once the pandemic fades, remote working will remain prevalent across multiple sectors. There are many advantages of working remotely such as: work from anywhere anytime, less commute stress, increased productivity and performance etc. Also, remote work raises a vast array of issues and challenges for employees and employers, like we should be concerned about the security risks associated with the remote work environments. So it is essential to address and give serious consideration to remote workspace cybersecurity.
Work-from-home employees are at much greater risk than those in offices. Since home connections are less secure, cybercriminals have an easier entry into the company network. The biggest security risks we facing are email scams, weakens security controls: without internet proxy, NAC, IDS and NGFW, client devices will now be sitting exposed on potentially unsecured networks amongst potentially compromised devices, malicious inisders or malicious housemates etc. Addressing these threats will not be easy. It will require a mixture of hard work, creativity, and new technology, alongside an openness to new ways of working and a willingness to embrace dynamic, proactive defense, instead of traditional rigid policies.
We have solution for all the security risks associated with the remote work. Based on the locations and number of employees we provide SDP solution. SDP is really just another network security architecture. Zero-trust implementations with SDP allow for better defense. Most legacy attacks occur because users are connected to an environment where they can see the other connections that exist in that network. SDP focuses on hiding or concealing IT assets from the view of anyone on the network. No more security issues related to remote offices. We’ve come up with the greatest solution for you.
Vagari.ai LLC has created a Vehicle Rental App for Auto Dealers, Fleet and other vehicle owners (Owners) to provide vehicles to drivers including those who drive for uber/lyft (Renters) in the rideshare and Transportation as a Service (TaaS) industry. Vagari.ai LLC is a frictionless mobility technology startup based in New York, USA. Their first product is the vehicle rental mobile app. This App offers an opportunity for Owners to earn incremental revenue on idle inventory on one hand and for the Renters to use vehicles at subscription price and if needed be able to purchase it over a period of time.
Some of the vulnerabilities pop out during our pentest in vagari are
We pinpoint potential avenues of network attack where access might be gained through internet-connected servers or network equipment by individuals outside of Vagari which lack appropriate rights or credentials.
We then conducted a mock attack to test security controls, developing and presenting with a cybersecurity assessment on findings along with solutions and recommendations that vagari can use to remediate the issue.
Trusted Hands Financial Services Private limited is a Kerala based Activities auxiliary to financial intermediation company. A consumer-focused financial services & tech platform that solves problem of discovery, shortlisting, application, management and servicing of bank loans, borrowing options. Trusted Hands Financial Services (THFS) will change the way customers take and manage loans. THFS will enable customers to acquire their financial freedom, with right choice at the right time.
Requirement : Internal / External Pentesting, Vulnerability Assesmement, Solution
The Customer needed to test the security controls deployed within their IT infrastructure.
Offenselogic team conducted black box penetration testing of the external perimeter of the Customer’s network. The ethical hackers didn’t manage to penetrate the network with no credentials, so they proceeded with the grey box testing method using user login details but having no access to the entire network. Grey box penetration testing revealed a vulnerability of the Customer’s remote server to external manipulations.
Our security engineers scanned the Customer’s internal network for vulnerabilities and exploited the discovered vulnerabilities using the grey box penetration testing method. They discovered a server using the obsolete HTTPS protocol, which was critical for the banking environment storing clients’ data.
The Customer received detailed reports of the conducted network vulnerability assessment, penetration testing, and the security risk assessment of the client digital channels with recommendations to mitigate the discovered vulnerabilities. After fixing all the issues according to the provided remediation plan, the Customer ran retesting, which showed the increased security level of the network’s external perimeter and internal environment.