J.A.S.B Group is engaged in rendering services ranging from pre-establishment advisory to complex business process re-engineering. Their clients hail from a variety of economic sectors and include both national & multinationals. JASB serves its clients through a team of experienced professionals having a sound business, finance, legal and technical acumen and the pleasure of having served more than 350 satisfied clients.

Concave FORT was engaged by J.A.S.B. & Associates to conduct a Penetration Testing exercise. The security assessment activities helped to identify exploitable vulnerabilities, insufficiently configured security controls, or inadequate developer’s security awareness to determine the likelihood that a user could obtain unauthorized access to the Application. OWASP Web Security Testing methodology was used to perform this assessment, which focused on attempting to access the client’s resources by exploiting identified security weaknesses.

PROJECT CHALLENGES

JASB Associates required OWASP Compliance with their Taxation solution for their clients. The application needed to be highly secure and ensure OWASP Compliance for the protection of sensitive information.

SOLUTIONS

Concave FORT’s security experts scoped the project under the Grey box to evaluate the security posture of the Web. The security experts used OWASP WSTG under NIST-recommended Penetration Testing phases.

During the penetration testing, our experts identified critical vulnerabilities, which can be exploited, and shared the recommendation for remediation. The JASB’s development team was aligned with the FORT’s Security team to understand and remediate the identified risks, which the penetration testers classified according to CVE severity, reflecting the business risk.

The post-remediation assessment of the application by FORT’s Penetration Testers ensured no potential risks for OWASP compliance.