11 Feb

Cigniti Security Testing Teams get recognized

Listen on the go!

At Cigniti our resolution is always meant to help organizations say no to bad software. We do this diligently by assuring Software quality.

The New Year has started and many people are still holding to their resolutions. Besides the usual suspects of exercising more, loosing weight etc, our security testing experts in Cigniti have been working to touch new horizons of security testing.

Now what does it mean? Our security testing experts spend an hour everyday to find potential software flaws in mobile and web apps apart from the regular work and projects. They carefully choose potentially high used apps and test the app from various standpoints particularly from a view point of making them extra secure. Once they find the vulnerability in the best interest of every one they follow the responsible guidelines to report the vulnerability to the respective app owners. This is purely a pro-active measure to help organizations build better software.

What happens next? Lot of companies that are committed to create a better quality software acknowledge our experts and fix the flaw. This is truly an amazing power of collaborative work. Some of the very recent apps our security warriors worked and got recognized is here to see

security

What we found:

The Cigniti security testing team’s work resulted in finding out vulnerabilities that can lead to Impersonation and Unauthorized access through a user account into the apps under test. The vulnerability can be used to manipulate information and can also potentially snowball into a major security breach.

What we recommend:

  • The app should not be accessible from two different Mobile devices.
  • If simultaneous access from multiple Mobile devices is enabled, it needs to ensure access control with log-in password for every mobile device.
  • The access should be tested in devices of the same platforms or OEMs. The availability of devices of the same platform increases the scope of penetration.
  • Auth token should be encrypted using device specific salt.

Watch out this space for periodic updates. I wish you a very happy new year again and hope you achieve your new year resolutions.

Author

  • Sairam Vedam

    Sairam Vedam, Chief Marketing Officer at Cigniti Technologies. An Award Winning Global Marketing Leader, Speaker, Blogger, Start-up Mentor, Technologist, and a CSR Leader.

    View all posts

Comment (1)

  • Cigniti Ensures a Secure Online Existence – Software Testing

    […] Cigniti has built capabilities, knowledge repositories, and test accelerators leveraging the experience of working on over 100 engagements using latest industry standards and proprietary testing methodologies. […]

    February 29, 2016 at 3:25 AM

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

How Testing can save Financial Applications from the next HACK
25 Oct

How Testing can save Financial Applications from the next HACK

By

Listen on the go! On October 20, 2016, The Economic Times (Indian business daily) reported that ‘3.2 million debit cards... read more

Integrating Security into Continuous Testing
19 May

Integrating Security into Continuous Testing

By

Listen on the go! All of us understand and accept the necessity to have adequate security testing for our applications.... read more

10 Open Source Security Testing Tools to Test Your Website
16 Aug

10 Open Source Security Testing Tools to Test Your Website

By

Listen on the go! From mini eateries to big-box retailers, from small organizations to federal bodies, cyber attackers are eyeing... read more