Philip Morris International (PMI) is one of the world’s leading international tobacco companies, headquartered in New York City. One of their assets for inventory management required the verification of secure development and Penetration Testing for compliance requirements. On the request of PMI, Concave FORT conducted the VAPT of the IMS-Inventory Management Solution, to evaluate the security posture of the application, and ensure compliance with industry-accepted secure development methodology to verify secure development of the Web and protect their proprietary data and confidential information from bad guys.
To verify the secure development, Concave FORT experts aligned with the development teams of the Web-Application to ensure the secure development & compliance of the web application against OWASP Application Security Verification Standard (ASVS) and consequently tested it for compliance. The recommendations helped the developer to secure the application, which was tested for post-remediation assessment under OWASP WSTG (Web Security Testing Guide). The compliance enabled PMI in securely host it in production and use it safely.
Risk evaluation and mitigation of the Public facing Assets i.e. Web Applications minimizes the likelihood of reputational loss, business interruption and errors that could lead to major cyber-attacks.