| Customers: Taglex Moscow; Logistics and Distribution Contractors: Infosecurity Product: IT and Security External Audit Projects (PCI DSS and ISMS)Project date: 2023/09 - 2024/07
|
2024: Holding pentests
Softline Group of Companies conducted comprehensive penetration testing (pentest) for Taglex. As part of the project, Infosecurity engineers ( part of Softline Group of Companies) identified vulnerabilities in the company's information security system and formulated individual recommendations to improve its security. Softline announced this on August 19, 2024.
TAGLEX has been active in the Russian logistics services market for more than 20 years under the well-known Japanese brand. Maintaining its commitment to key principles: quality, flexibility, attention to details and customer needs, continues its development in the market under the brand - TAGLEX.
In the fall of 2023, the company began to search for an executor for pentesting internal and external security systems. The Infosecurity team held a number of meetings at which they presented cases of similar successful projects and highlighted the mechanism of upcoming work. Having assessed the wide expertise and technical awareness of the specialists, the customer decided to further conduct the project together with Softline Group of Companies.
Having determined with the customer the research objects, the level of access to the infrastructure and the conditions for the attacks, Infosecurity engineers began work. The pentest was carried out through imitation of the actions of intruders from the inside and outside of the company and took one calendar month.
Based on the results of the testing, the project team provided the customer with a detailed report on current vulnerabilities in information systems and formulated recommendations for improving security. Since the customer belongs to an international holding, the report was also prepared in English. When implementing the recommendations provided, the client will reduce the risks of data leakage from the client base, violation of the external perimeter, DDoS attacks, compromise of servers with data, domain controllers, and much more.
This project was the starting point for the development of further partnership. As of August 2024, companies are implementing several joint initiatives in the areas of analytics and import substitution.
 | Pentest minimizes potential security risks and increases information security of systems. After such work, the customer has a clear understanding of the weaknesses and opportunities for their improvement. That is why we recommend conducting pentests not only after serious changes in information security systems, but also on a regular basis with a frequency of about once a year. A proactive approach to information protection will minimize financial losses and other risks, - commented Andrei Alexandrov, Development Manager of Application Security of Softline Group of companies. |  |
{{quote 'TAGLEX used the services of Softline Group of Companies to conduct the penetration test and remained fully satisfied with the results of its performance. In our opinion, the team of specialists showed a high level of professionalism and showed deep knowledge in the field of cybersecurity. The preparatory phase involved a thorough discussion of our needs and expectations. During testing, Softline Group of companies experts demonstrated methodical and attention to detail and at the end provided detailed and informative reports with specific recommendations for correcting problems. I would also like to note their communication and support at all stages of work. We received quick and competent answers to all the questions and doubts that arose with us. As a result of the penetration test, we were able to significantly increase the security level of our systems, - said Boris Novitsky, head of infrastructure at TAGLEX. }}
| | Conducting a pentest is a creative process that each customer and vendor, with high-quality joint work, try to make as manageable as possible. It is important not only to find possible vulnerabilities, but also to "think" as a criminal so as not to miss non-obvious ways of hacking. The specialists of the Softline Group of companies performed such a "transformation" into a team of highly professional hackers very convincingly and, as a result, provided us with detailed recommendations on how to close the vulnerabilities found. We are convinced that the cost of the work carried out, which allowed us to strengthen information security, is much lower than the amount of reputational costs from the intrusion of intruders, - commented Kirill Alekseyevich Sergeyev, Chief information officer of TAGLEX. | |
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |