App Penetration Test for SaaS Company
Below is a modified rendering of the review: private info excluded, innate facts kept.
Introductory information
A few words about your organisation and individual responsibilities
I'm the VP of Engineering at Palo Alto Software, a 100-person software organisation with multiple SaaS products.
Desired goal
What issue was the provider supposed to deal with?
As part of operating a business email labor, we hired UnderDefense to test our application's security. It is significant that our client's data is secure and that our application protects them from malicious conduct. We have some inner security apprehension but knew that we needed an expert team to do a wide evaluation of our software.
What were your objectives for this project?
Our first goal was to confirm that our application met baseline security requirements, and to have a clear remediation program for cases where it didn't.
Provided solution
What were the reasons for choosing UnderDefense?
UnderDefense discovered a vulnerability in our application and made a responsible disclosure to us. We were already in the market to hire a penetration testing firm, and our real interaction with UnderDefense along with their competitive pricing helped us to select them.
Describe the project in detail.
The project entailed outer perimeter penetration testing and "grey box" web application penetration testing. We had separate conversation calls to establish the aim of work and delineate our inner goods, followed by a three-week evaluation. The result of the project was a detailed report with a general grade of our security status and a list of discovered security vulnerabilities with detailed reproduction steps.
Were there any dedicated managers or teams that you worked with?
UnderDefense provided two security consultants along with project management. I was the only individual involved on my side of the project.
Results achieved
Can you share any outcomes from the project that prove progress or achievement?
We are very pleased with the results of the evaluation. UnderDefense completed an entire examination and presented a polished report that was informative and easy to read.
How powerful was the workflow between your team and theirs?
Despite being in very different time zones, interaction was fairly straightforward. We mainly interacted via conversation call and a shared Slack channel. I was a little nervous about possible language barrier issues, but that was not an issue at all.
What did you find most impressive about this organisation?
I don't know that there was any one thing that stood out about them. They did provide professional work, at a reasonable cost.
Are there any areas for advancement?
They could have provided more progress reports during the evaluation, but given the brief period of the project, it wasn't certain.