![](https://cyberpwn.com/wp-content/uploads/2021/10/blog_sample_img.jpg)
![](https://cyberpwn.com/wp-content/uploads/2021/11/journey_thumb.png)
Application Penetration Test
As part of Application Security Assurance
About the client
Our client is a French multinational investment bank and financial services company.
The Problem
- Bank used to have different invoice formats for its customers
- The core application had file uploading functionality
- Challenge was to identify any malicious file or content upload
The Solution
- Our Security team had performed security testing on the web application
- The vulnerabilities like privilege escalations via Insecure Direct Object Reference was possible and any user of the application was allowed to perform financial transactions.
- We provided recommendations to mitigate the vulnerabilities.
Value delivered
![](https://cyberpwn.com/wp-content/uploads/2021/11/case_icon.png)
Executive Dashboard Reports on Critical issues
![](https://cyberpwn.com/wp-content/uploads/2021/11/case_icon.png)
Effective collaboration between the Business & Delivery Team
![](https://cyberpwn.com/wp-content/uploads/2021/11/case_icon.png)
Reduced Risks associated with the Application by providing On-time Remediation
![](https://cyberpwn.com/wp-content/uploads/2021/11/case_icon.png)
Consultative Advisory on Policy Compliance & Process improvement.
![](https://cyberpwn.com/wp-content/uploads/2021/10/case_icon_2.png)
Industry
BFSI
![](https://cyberpwn.com/wp-content/uploads/2021/10/case_icon_2.png)
Team Size
08
![](https://cyberpwn.com/wp-content/uploads/2021/10/case_icon_3.png)
Instruments
Burpsuite
More Case Studies
LET'S CONNECT
INDIA HQ
7th Floor, Fairway Business Park,
Near EGL, Domlur,
Bangalore, Karnataka, 560071
Phone:+91-80-6193 9301
INDIA|USA|CANADA