HomeCase Studies
Cybersecurity / Security

Competencies​

Image

Security Services​

25 years in Security implementation and management:

  • Certified ISO 27001, CEH, CISA, CISM
  • Email Security
  • Antivirus, Data Security​
  • Physical Security
  • Network Security​
  • System Backup & Restore​
  • IM Application Security​
  • Network Infrastructure Monitoring​
  • Business Continuity Plan in real practices with SARS and Covid19​

Image

Security Testing​

5+ years of experiences for large software companies​

  • 50 skillful, 20 certified engineers
  • Certified CEH, CompTIA PenTest+, OSCP​
  • Test is executed for TMA systems and client systems
  • Standard test process defined​
  • Test category: web, applications, network, software, OS, Database
  • Test method: Blackbox, Greybox, Whitebox​

Techniques & Tools​

Image

Standards​

  • CVSS Score v3​
  • NIST and CIS Compliance​
  • OWAPS Top 10​
  • Request For Comment (RFC)

Image

Security Platform Type​

  • Web Application​
  • System Security
  • Network Security​
  • Cloud Security​
  • Physical Security

Image

Security Test Types​

  • Vulnerability Scanning​
  • Compliance Scanning​
  • Web Application Scanning​
  • Fuzzing Testing 

Image

Test Tools​

  • Nessus​
  • Codenomicon Defensics​
  • Qualys ​
  • Burp Suite Pro Scanner​
  • Compliance scanners (Openscap)

Security Testing Process​

Image

Vulnerability Scan (Nessus)​

  • Nessus is a vulnerability scanner which is designed to scan networks and identify vulnerabilities, misconfigurations, and other security issues.​
  • It supports various types of platform and scans, including host discovery, port scanning, network scanning and host-based scanning.​
  • It generated details reports based on severity of vulnerabilities and theirs remediation  

Compliance Scan​

  • A compliance scan is a type of security scan that assesses an organization's compliance with industry or regulatory standards​
  • Follow two of most popular organization: National Institute for Standards and Technology (NIST) and Center for Internet Security (CIS)
  • Supporting many platforms and systems such as OS, Network Devices, Databases, Web Application…​

Fuzzing Testing​

  • Codenomicon Defensics is an automated protocol robustness tool that sends unexpected or malformed data (a.k.a. “Fuzzing”) to test the protocol stack’s behavior.​
  • It organizes and tests many protocols (SIP, IPv4, IPv6, H.248…) by message type. For example: the SIP test suites consist of over 20 message types (Invite Bye, Invite Refer, Invite Cancel….)

Web Application Scan​

  • Qualys' web application scanning can identify vulnerabilities in web applications, including those that may be used to steal sensitive data, take control of the application, compliance issues related to web application security. Qualys also support vulnerability scanning
  • Burp Suite Pro scanner can scan web applications for a range of vulnerabilities, including SQL injection, cross-site scripting (XSS), remote code execution, and file inclusion vulnerabilities. It can also identify issues related to authentication, access controls, and session management.

Report Content

Image

Overview Information of Scanning

Image

Summary of the Findings

Image

Details of Analysis of Findings

Image

Risk Ratings

Image

Remediation Details

Image

Detail of Report

Case Study

Case Study

Vulnerability Scan​

Compliance Scan​

​Codenomicon Defensics​

​​Web Application Scan​

  • System under test: Carrier VoIP Provisioning Portal Server which is a Web UI provides secure subscriber provisioning, device provisioning, system resource management, etc…​
  • Test method: Credential on
  • Test category: Web Application​
  • Tools used: Nessus

Test Procedure:​

  • Execute vulnerability scanning against the target
  • Generate scan reports ​
  • Check for real issue​

Summary of issues found:​

  • RPM package updates​
  • TLS vulnerable version​
  • Apache Log4j​
Image
  • System under test: Media Server which is a Linux system provides media processing functions, system resource management, etc…
  • Test method: Credential on
  • Test category: System Compliance​
  • Tools used: Nessus

Test Procedure:​

  • Execute OS Compliance scan against target
  • Generate scan reports ​
  • Check for real issues of failed compliance items​

Summary of issues found:​

  • Compliance Failure Items of system​
Image
  • System under test: Carrier VoIP Server which provides secure SIP calls​
  • Test method: Credential on
  • Test category: Call Server
  • Tools used: Codenomicon Defensics​

Test Procedure:​

  • Setup SIP UAS message with Invite-Bye call​
  • Run the suite with randomized anomalies​
  • Check the behavior of target to the anomaly messages

Summary of issues found:​

  • Target switch activity to standby unit since it can’t handle anomaly in Record-Route header​
  • Target response improperly to the valid anomaly in Call-ID according to SIP RFC​
Image
  • System under test: Call-Signaling Processing Server which is a Web UI provides signaling processing of call, secure subscriber provisioning, call routing, etc…​
  • Test method: Credential on
  • Test category: Web Application​
  • Tools used: Qualys​

Test Procedure:​

  • Execute Web Application scan against target
  • Generate scan reports ​
  • Check for real issues​

Summary of issues found:​

  • Command Injection
  • Cross-site Request Forgery​
  • Cookie Missing Security Attributes
Image
decor

Contact Us

Share with us your challenges. We are here to support.

Andorra Andorra
United Arab Emirates United Arab Emirates
Afghanistan Afghanistan
Antigua and Barbuda Antigua and Barbuda
Anguilla Anguilla
Albania Albania
Armenia Armenia
Angola Angola
Argentina Argentina
American Samoa American Samoa
Austria Austria
Australia Australia
Aruba Aruba
Åland Islands Åland Islands
Azerbaijan Azerbaijan
Bosnia and Herzegovina Bosnia and Herzegovina
Barbados Barbados
Bangladesh Bangladesh
Belgium Belgium
Burkina Faso Burkina Faso
Bulgaria Bulgaria
Bahrain Bahrain
Burundi Burundi
Benin Benin
Bermuda Bermuda
Brunei Darussalam Brunei Darussalam
Bolivia Bolivia
Brazil Brazil
Bahamas Bahamas
Bhutan Bhutan
Botswana Botswana
Belarus Belarus
Belize Belize
Canada Canada
Cocos (Keeling) Islands Cocos (Keeling) Islands
Congo, Democratic Republic of the Congo, Democratic Republic of the
Central African Republic Central African Republic
Congo Congo
Switzerland Switzerland
Cote d'Ivoire Cote d'Ivoire
Cook Islands Cook Islands
Chile Chile
Cameroon Cameroon
China China
Colombia Colombia
Costa Rica Costa Rica
Cuba Cuba
Cape Verde Cape Verde
Curaçao Curaçao
Christmas Island Christmas Island
Cyprus Cyprus
Czech Republic Czech Republic
Germany Germany
Djibouti Djibouti
Denmark Denmark
Dominica Dominica
Dominican Republic Dominican Republic
Algeria Algeria
Ecuador Ecuador
Estonia Estonia
Egypt Egypt
Western Sahara Western Sahara
Eritrea Eritrea
Spain Spain
Ethiopia Ethiopia
Finland Finland
Fiji Fiji
Falkland Islands Falkland Islands
Federated States of Micronesia Federated States of Micronesia
Faroe Islands Faroe Islands
France France
Gabon Gabon
United Kingdom United Kingdom
Grenada Grenada
Georgia Georgia
Guernsey Guernsey
Ghana Ghana
Gibraltar Gibraltar
Greenland Greenland
Gambia Gambia
Guinea Guinea
Equatorial Guinea Equatorial Guinea
Greece Greece
Guatemala Guatemala
Guam Guam
Guinea-Bissau Guinea-Bissau
Guyana Guyana
Hong Kong Hong Kong
Honduras Honduras
Croatia Croatia
Haiti Haiti
Hungary Hungary
Indonesia Indonesia
Ireland Ireland
Israel Israel
Isle of Man Isle of Man
India India
Iraq Iraq
Iran Iran
Iceland Iceland
Italy Italy
Jersey Jersey
Jamaica Jamaica
Jordan Jordan
Japan Japan
Kenya Kenya
Kyrgyzstan Kyrgyzstan
Cambodia Cambodia
Kiribati Kiribati
Comoros Comoros
Saint Kitts and Nevis Saint Kitts and Nevis
North Korea North Korea
South Korea South Korea
Kuwait Kuwait
Cayman Islands Cayman Islands
Kazakhstan Kazakhstan
Laos Laos
Lebanon Lebanon
Saint Lucia Saint Lucia
Liechtenstein Liechtenstein
Sri Lanka Sri Lanka
Liberia Liberia
Lesotho Lesotho
Lithuania Lithuania
Luxembourg Luxembourg
Latvia Latvia
Libya Libya
Morocco Morocco
Monaco Monaco
Moldova Moldova
Montenegro Montenegro
Saint Martin (French Part) Saint Martin (French Part)
Madagascar Madagascar
Marshall Islands Marshall Islands
North Macedonia North Macedonia
Mali Mali
Burma Burma
Mongolia Mongolia
Macao Macao
Northern Mariana Islands Northern Mariana Islands
Martinique Martinique
Mauritania Mauritania
Montserrat Montserrat
Malta Malta
Mauritius Mauritius
Maldives Maldives
Malawi Malawi
Mexico Mexico
Malaysia Malaysia
Mozambique Mozambique
Namibia Namibia
New Caledonia New Caledonia
Niger Niger
Norfolk Island Norfolk Island
Nigeria Nigeria
Nicaragua Nicaragua
Netherlands Netherlands
Nepal Nepal
Nauru Nauru
Niue Niue
New Zealand New Zealand
Oman Oman
Panama Panama
Peru Peru
French Polynesia French Polynesia
Papua New Guinea Papua New Guinea
Philippines Philippines
Pakistan Pakistan
Poland Poland
Puerto Rico Puerto Rico
Palestine Palestine
Portugal Portugal
Palau Palau
Paraguay Paraguay
Qatar Qatar
Reunion Reunion
Romania Romania
Serbia Serbia
Russia Russia
Rwanda Rwanda
Saudi Arabia Saudi Arabia
Solomon Islands Solomon Islands
Seychelles Seychelles
Sudan Sudan
Sweden Sweden
Singapore Singapore
Slovenia Slovenia
Slovakia Slovakia
Sierra Leone Sierra Leone
San Marino San Marino
Senegal Senegal
Somalia Somalia
Suriname Suriname
South Sudan South Sudan
Sao Tome and Principe Sao Tome and Principe
El Salvador El Salvador
Syria Syria
Swaziland Swaziland
Turks and Caicos Islands Turks and Caicos Islands
Chad Chad
Togo Togo
Thailand Thailand
Tajikistan Tajikistan
Tokelau Tokelau
Timor-Leste Timor-Leste
Turkmenistan Turkmenistan
Tunisia Tunisia
Tonga Tonga
Turkey Turkey
Trinidad and Tobago Trinidad and Tobago
Tuvalu Tuvalu
Taiwan Taiwan
Tanzania Tanzania
Ukraine Ukraine
Uganda Uganda
United States United States
Uruguay Uruguay
Uzbekistan Uzbekistan
Holy See (Vatican City State) Holy See (Vatican City State)
Saint Vincent and the Grenadines Saint Vincent and the Grenadines
Venezuela Venezuela
Virgin Islands, British Virgin Islands, British
Virgin Islands, U.S. Virgin Islands, U.S.
Vietnam Vietnam
Vanuatu Vanuatu
Wallis and Futuna Wallis and Futuna
Samoa Samoa
Yemen Yemen
Mayotte Mayotte
South Africa South Africa
Zambia Zambia
Zimbabwe Zimbabwe
(+1)
Andorra Andorra (+376)
United Arab Emirates United Arab Emirates (+971)
Afghanistan Afghanistan (+93)
Antigua and Barbuda Antigua and Barbuda (+1 268)
Anguilla Anguilla (+1 264)
Albania Albania (+355)
Armenia Armenia (+374)
Angola Angola (+244)
Argentina Argentina (+54)
American Samoa American Samoa (+1 684)
Austria Austria (+43)
Australia Australia (+61)
Aruba Aruba (+297)
Åland Islands Åland Islands (+358)
Azerbaijan Azerbaijan (+994)
Bosnia and Herzegovina Bosnia and Herzegovina (+387)
Barbados Barbados (+1 246)
Bangladesh Bangladesh (+880)
Belgium Belgium (+32)
Burkina Faso Burkina Faso (+226)
Bulgaria Bulgaria (+359)
Bahrain Bahrain (+973)
Burundi Burundi (+257)
Benin Benin (+229)
Bermuda Bermuda (+1 441)
Brunei Darussalam Brunei Darussalam (+673)
Bolivia Bolivia (+591)
Brazil Brazil (+55)
Bahamas Bahamas (+1 242)
Bhutan Bhutan (+975)
Botswana Botswana (+267)
Belarus Belarus (+375)
Belize Belize (+501)
Canada Canada (+1)
Cocos (Keeling) Islands Cocos (Keeling) Islands (+61)
Congo, Democratic Republic of the Congo, Democratic Republic of the (+243)
Central African Republic Central African Republic (+236)
Congo Congo (+242)
Switzerland Switzerland (+41)
Cote d'Ivoire Cote d'Ivoire (+225)
Cook Islands Cook Islands (+682)
Chile Chile (+56)
Cameroon Cameroon (+237)
China China (+86)
Colombia Colombia (+57)
Costa Rica Costa Rica (+506)
Cuba Cuba (+53)
Cape Verde Cape Verde (+238)
Curaçao Curaçao (+599)
Christmas Island Christmas Island (+61)
Cyprus Cyprus (+357)
Czech Republic Czech Republic (+420)
Germany Germany (+49)
Djibouti Djibouti (+253)
Denmark Denmark (+45)
Dominica Dominica (+1 767)
Dominican Republic Dominican Republic (+1 809)
Algeria Algeria (+213)
Ecuador Ecuador (+593)
Estonia Estonia (+372)
Egypt Egypt (+20)
Western Sahara Western Sahara (+212)
Eritrea Eritrea (+291)
Spain Spain (+34)
Ethiopia Ethiopia (+251)
Finland Finland (+358)
Fiji Fiji (+679)
Falkland Islands Falkland Islands (+500)
Federated States of Micronesia Federated States of Micronesia (+691)
Faroe Islands Faroe Islands (+298)
France France (+33)
Gabon Gabon (+241)
United Kingdom United Kingdom (+44)
Grenada Grenada (+1 473)
Georgia Georgia (+995)
Guernsey Guernsey (+44)
Ghana Ghana (+233)
Gibraltar Gibraltar (+350)
Greenland Greenland (+299)
Gambia Gambia (+220)
Guinea Guinea (+224)
Equatorial Guinea Equatorial Guinea (+240)
Greece Greece (+30)
Guatemala Guatemala (+502)
Guam Guam (+1 671)
Guinea-Bissau Guinea-Bissau (+245)
Guyana Guyana (+592)
Hong Kong Hong Kong (+852)
Honduras Honduras (+504)
Croatia Croatia (+385)
Haiti Haiti (+509)
Hungary Hungary (+36)
Indonesia Indonesia (+62)
Ireland Ireland (+353)
Israel Israel (+972)
Isle of Man Isle of Man (+44)
India India (+91)
Iraq Iraq (+964)
Iran Iran (+98)
Iceland Iceland (+354)
Italy Italy (+39)
Jersey Jersey (+44)
Jamaica Jamaica (+1 876)
Jordan Jordan (+962)
Japan Japan (+81)
Kenya Kenya (+254)
Kyrgyzstan Kyrgyzstan (+996)
Cambodia Cambodia (+855)
Kiribati Kiribati (+686)
Comoros Comoros (+269)
Saint Kitts and Nevis Saint Kitts and Nevis (+1 869)
North Korea North Korea (+850)
South Korea South Korea (+82)
Kuwait Kuwait (+965)
Cayman Islands Cayman Islands (+1 345)
Kazakhstan Kazakhstan (+7)
Laos Laos (+856)
Lebanon Lebanon (+961)
Saint Lucia Saint Lucia (+1 758)
Liechtenstein Liechtenstein (+423)
Sri Lanka Sri Lanka (+94)
Liberia Liberia (+231)
Lesotho Lesotho (+266)
Lithuania Lithuania (+370)
Luxembourg Luxembourg (+352)
Latvia Latvia (+371)
Libya Libya (+218)
Morocco Morocco (+212)
Monaco Monaco (+377)
Moldova Moldova (+373)
Montenegro Montenegro (+382)
Saint Martin (French Part) Saint Martin (French Part) (+590)
Madagascar Madagascar (+261)
Marshall Islands Marshall Islands (+692)
North Macedonia North Macedonia (+389)
Mali Mali (+223)
Burma Burma (+95)
Mongolia Mongolia (+976)
Macao Macao (+853)
Northern Mariana Islands Northern Mariana Islands (+1 670)
Martinique Martinique (+596)
Mauritania Mauritania (+222)
Montserrat Montserrat (+1 664)
Malta Malta (+356)
Mauritius Mauritius (+230)
Maldives Maldives (+960)
Malawi Malawi (+265)
Mexico Mexico (+52)
Malaysia Malaysia (+60)
Mozambique Mozambique (+258)
Namibia Namibia (+264)
New Caledonia New Caledonia (+687)
Niger Niger (+227)
Norfolk Island Norfolk Island (+672)
Nigeria Nigeria (+234)
Nicaragua Nicaragua (+505)
Netherlands Netherlands (+31)
Nepal Nepal (+977)
Nauru Nauru (+674)
Niue Niue (+683)
New Zealand New Zealand (+64)
Oman Oman (+968)
Panama Panama (+507)
Peru Peru (+51)
French Polynesia French Polynesia (+689)
Papua New Guinea Papua New Guinea (+675)
Philippines Philippines (+63)
Pakistan Pakistan (+92)
Poland Poland (+48)
Puerto Rico Puerto Rico (+1 787)
Palestine Palestine (+970)
Portugal Portugal (+351)
Palau Palau (+680)
Paraguay Paraguay (+595)
Qatar Qatar (+974)
Reunion Reunion (+262)
Romania Romania (+40)
Serbia Serbia (+381)
Russia Russia (+7)
Rwanda Rwanda (+250)
Saudi Arabia Saudi Arabia (+966)
Solomon Islands Solomon Islands (+677)
Seychelles Seychelles (+248)
Sudan Sudan (+249)
Sweden Sweden (+46)
Singapore Singapore (+65)
Slovenia Slovenia (+386)
Slovakia Slovakia (+421)
Sierra Leone Sierra Leone (+232)
San Marino San Marino (+378)
Senegal Senegal (+221)
Somalia Somalia (+252)
Suriname Suriname (+597)
South Sudan South Sudan (+211)
Sao Tome and Principe Sao Tome and Principe (+239)
El Salvador El Salvador (+503)
Syria Syria (+963)
Swaziland Swaziland (+268)
Turks and Caicos Islands Turks and Caicos Islands (+1 649)
Chad Chad (+235)
Togo Togo (+228)
Thailand Thailand (+66)
Tajikistan Tajikistan (+992)
Tokelau Tokelau (+690)
Timor-Leste Timor-Leste (+670)
Turkmenistan Turkmenistan (+993)
Tunisia Tunisia (+216)
Tonga Tonga (+676)
Turkey Turkey (+90)
Trinidad and Tobago Trinidad and Tobago (+1 868)
Tuvalu Tuvalu (+688)
Taiwan Taiwan (+886)
Tanzania Tanzania (+255)
Ukraine Ukraine (+380)
Uganda Uganda (+256)
United States United States (+1)
Uruguay Uruguay (+598)
Uzbekistan Uzbekistan (+998)
Holy See (Vatican City State) Holy See (Vatican City State) (+379)
Saint Vincent and the Grenadines Saint Vincent and the Grenadines (+1 784)
Venezuela Venezuela (+58)
Virgin Islands, British Virgin Islands, British (+1 284)
Virgin Islands, U.S. Virgin Islands, U.S. (+1 340)
Vietnam Vietnam (+84)
Vanuatu Vanuatu (+678)
Wallis and Futuna Wallis and Futuna (+681)
Samoa Samoa (+685)
Yemen Yemen (+967)
Mayotte Mayotte (+262)
South Africa South Africa (+27)
Zambia Zambia (+260)
Zimbabwe Zimbabwe (+263)

Check out our Privacy Policy to learn more about how we handle your personal data.

decorbannerLeft

Related Case Studies

TMA Security Solution dashboard showing AI-powered threat detection, incident response, and automation tools in a unified platform

TMA Security Solution

Cybersecurity
Data Science & AI/ML
Security
Explore Morearrow_blue
Penetration Testing Service

Penetration Testing Service

Cybersecurity
RPA
Software Testing
Security
TMA has 10+ years of experiences providing services of Security testing and Penetration testing
Explore Morearrow_blue
Mitigate security risk with AI/ML application in training solution

Mitigate Security Risk With AI/ML Application In Training Solution

Cybersecurity
Data Science & AI/ML
A solution to monitor and classify user behaviors using AI/ML models, providing personalized security training based on individual
Explore Morearrow_blue