ICL Services

Japanese podcast hosting

The project's customer is a Japanese company, with which ICL Services planned to work together in various IT areas on a long-term basis.
In 2020, the company launched a new digital project, a Web platform where users can listen to podcasts and audio shows. To evaluate the expertise of ICL Services in terms of future work, as a pilot project the client turned to us to analyze the information security of the service.

Key Challenges

  • Evaluate the security level and the possibility of hack-ing a web service using pen test attacks.
  • Formulate recommenda-tions to address security flaws and test their imple-mentation to improve the web service's reliability and resilience to cyberattacks.
  • Prepare a final report in Japanese.
Solution

Implemented our solution

  1. The project began in the fall of 2020. ICL Services specialists first discussed the task with the customer, agreed on methodologies, access, and tools, and got to work.

    Penetration testing was implemented based on a black-box methodology: after receiving a resource link from the customer, the experts had to perform the test using specific IP addresses, so that they had access to the test bench.

    The service's functionality was simple — for example, there was no user authentication or payment for subscriptions. However, ICL Services engineers discovered several security flaws.

    For instance, it was identified how hackers can make the resource under test send arbitrary requests and attack other systems. The experts gave recommendations on how to avoid this, and on retesting confirmed that the customer had fixed the flaws.

Results

  • The pen test project was completed in two weeks.
  • Security flaws were identi-fied and recommendations for fixing them were given, and a retest was conduct-ed.
  • A report was prepared in Japanese that described in detail each security flaw, how to exploit it, and the risk associated with it.
  • After the successful im-plementation of the pilot project, the customer con-tinued to work with ICL Services in other areas.

Services provided

Drop us a line

Contact us

Request a call

Name*
Phone*
Email*
Company*
Please see the Privacy Notice further information regarding your rights.

I have read the Privacy Notice and consent to the processing of my personal data

icl-services.com uses cookies, and by continuing browsing the website you give your consent to the use of cookies by us. Otherwise you should leave our website after reading this.

Ask a question

Name*
Email*
Company*
Position*
Phone*
Message*
Please see the Privacy Notice further information regarding your rights.

I have read the Privacy Notice and consent to the processing of my personal data

Request a call

Name*
Phone*
Email
Company*
Please see the Privacy Notice further information regarding your rights.

I have read the Privacy Notice and consent to the processing of my personal data

Up