|
This case study about a supermarket store chain demonstrates the importance of segmentation and utilizing a Firewall Ruleset Review to verify the segmentation. Specifically, SecureState helped the store chain assess how well segmentation of its wireless-enabled embedded devices from its corporate network was done.
|
|
This is a case study about a software company that develops payment applications that must meet a specific set of requirements outlined in the Payment Application Data Security Standard (PA-DSS). The client challenge involves determining what type of expertise the PA-QSA that performs the assessment possesses.
|
|
This case study about a large financial institution demonstrates the proper way to set up policies and procedures pertaining to disposing of sensitive information in a secure fashion. SecureState was brought in
to determine where the weaknesses are, and how they need to be corrected in order to meet the proper standards.
|
|
This is a case study of three companies that had External Penetration Assessments performed. This document will detail how SecureState broke into the organizations and what recommendations SecureState provided to the clients – including the often understated necessity and importance of having a corporate resiliency program in place.
|
|
A multinational company that is not currently EU-US Safe Harbor certified elected to undergo a Privacy Gap Assessment to determine both current compliance with Safe Harbor and the next steps in achieving a more secure environment.
|
|
This is a case study of a polymer company that was severely deficient in minimum security baselines and incident response preparation, as such these deficiencies led to a malware infestation that proved difficult to remove.
|
|
This is a case study of an energy company, SecureState was brought in to perform multiple assessments but quickly discovered the biggest flaw was the lack of incident response and event correlation.
|
|
In this study, a university was receiving a Return on Compliance (RoC) and needed an internal penetration assessment performed to verify compliance. SecureState determined a flaw in a third party vendor that led to unencrypted sensitive information.
|
|
This is a case study of a vet clinic, the vet clinic noticed a breach after coming in on Monday and finding multiple critical software and programs deleted. SecureState was brought in to determine the breach, how it occurred and when it occurred.
|
|
This is a case study of a large regional hospital that wanted to understand their HIPAA security gaps and obtain technical validation of the deficiencies in their security management program.
|
|
SecureState was successful in breaching the clients' property and building during a physical penetration test. The company was at extreme risk when it came to loss of confidentiality, integrity, and availability of systems and information.
|
|
In January 2010, the merchant bank for a very large realty firm requested the organization show compliance with the PCI standard by September 30, 2010. Never having to be PCI compliant before, the Level 2 realty corporation contracted SecureState to perform a PCI Gap Analysis to help them identify gaps and become PCI compliant.
|
|
In September of 2007, the Secret Service showed up at the door of a restaurant chain and reported to them that a number of their customers were reporting the same types of fraudulent charges on their credit cards.
|
|
After decades of continuous growth and profit, the company contracted SecureState to review the external security around the websites of new acquisitions.
|
|
After the Hannaford grocery chain suffered a breach, the management at another large grocery chain approached their security department and posed the question “Could it happen here?”
|
|
SecureState performed an external attack and penetration for a top United States bank. This assessment simulated an attacker attempting to gain access to the bank’s resources across the Internet.
|
|
Never having tested the logical (IT) security of their organization, a Casino contracted SecureState to perform internal and wireless penetration tests.
|
|
This paper is a case study of a Midwestern bank that requested to have its physical security assessed via penetration testing including secondary information gathering and testing the resulting vulnerabilities found.
|