Electrohold ICT Penetration Testing

Overview

Electrohold ICT is the legal successor of CEZ ICT Bulgaria EAD. The company provides numerous services in the field of information and communication technologies, which are systematized in a catalog and have guaranteed quality parameters and response times.

Challenge

Electrohold ICT, following the company’s goal to create, maintain and develop high-tech and reliable ICT solutions, has requested from Telelink Business Services to provide series of penetration tests of their infrastructure and web applications to identify vulnerabilities, which might be exploited by threat actors.

INDUSTRY: Technology

Solution

Telelink Business Services checked and evaluated the security posture of publicly accessible web systems of Electrohold ICT group companies, through remote network access, and internal network access of information systems in the scope.

Considering the OWASP and NIST SP 800-115, our certified and highly experienced testers conducted the security assessment of systems and applications.

As a result, a comprehensive penetration test report has been delivered with the following information:
– Scope of the test, using the information provided by the customer;
– Method – a combination of black-box and grey-box approach;

– A thorough analysis of the findings, containing a risk and impact assessment according to the OWASP methodology, technical information on the vulnerabilities, remediation guidelines, etc.

Follow-up meeting with the costumer, presenting the report.

Results

800 Segment Networks

3 Web Applications

3 Domains

2 Mobile Applications

Full-scope Red Teaming penetration test of all internal networks

Continuous penetration testing of:

• Web applications
• Mobile applications

Increased cybersecurity posture of digital assets Improved companies’ information security

Improved companies’ information security