How a retailer with both brick-and-mortar and online stores reduced overhead costs, allowing reinvestment in the business, by validating PCI DSS compliance through penetration testing.

The case study covers scope, planning and preparation, fieldwork, deliverables and results, and post-assessment activities. Read the case study.

WHO: MID-SIZE RETAILER
e-Commerce
Brick & Mortar Stores

WHY: PCI DSS COMPLIANCE REQUIREMENTS
M&A – now Level 1 Service Provider
Former IT resource errors
Needed comprehensive review

network penetration testing

HALOCK is headquartered in Schaumburg, IL, in the Chicago area and advises clients on reasonable information security throughout the US.

 

Exploit Insider

Weaponizing Legacy Software

Legacy software that communicates over web traffic can be used to blend in with other incoming and outgoing traffic.

 

Abusing Default Credentials

Attackers can exploit default credentials to escalate privileges within systems, endangering sensitive assets.

 

Exploiting API Endpoints

Relying on frontend controls for access management can lead to attackers gaining excessive privileges.

 

The Dangers of Legacy Protocols

How poisoning legacy broadcast name resolution protocols led to domain compromise.

 

Penetration Test Report Essentials