Critical/High Severity Vulnerabilities Found In $1B Fintech Company

One of our clients is a leading developer of software applications for brokerages, banks, and electronic trading exchanges. They thoroughly test their applications and use numerous “defense-in-depth” security tools, including next-gen firewalls, IDS/IPS, SIEM, and automated vulnerability and malware tools.

What they lacked was human intelligence to correctly prioritize the alerts and risks identified by the various tools, so that their security resources could focus on fixing the true threats. They also did not emulate blackhat hackers attempting to exploit their systems, or test vulnerabilities together to escalate the severity level.

By combining machine learning crawlers with whitehat hacking, we found the following previously unknown issues:

  • Account Takeovers
  • Authentication Bypass
  • Multiple XSS and CSRF vulnerabilities
  • Insecure direct object references
  • Token stealing and other logical security issues

We will prove the effectiveness of our methods to you in the results of a free 24-hour test.

Email us at security@apptroops.com to avail of the Free 24-Hour Pen Test Offer.