Penetration Testing Example

COMPANY: Enterprise event data warehouse software provider

INDUSTRY: Cyber Security

SOLUTION: Log adapters, parsers, preprocessors, senders.

TOOLS AND LANGUAGES: Python, Perl, C, proprietary event processing language, and SQL extensions.

SYSTEMS AND HARDWARE: HP Compliance Log Warehouse, Oracle, Windows, Unix.

STANDARDS AND REGULATIONS:

Sarbanes-Oxley (SOX), Payment Card Industry (PCI) Data Security Standard (DSS), the Health Insurance Portability & Accountability Act (HIPAA), the Federal Information Security Management Act (FISMA).

The GeeksForLess Security Operations team was dedicated to a US-based financial services company but encountered challenges configuring the managed Security Information and Event Management (SIEM) system. Due to licensing restrictions, we could only customize the system with approval from the vendor. We presented a technical proposal to the software vendor that was deemed valuable and applicable to other clients. As a result, the vendor hired GeeksForLess to perform custom integrations, implement new features, and undertake various development projects. Since then, the company has undergone several mergers and acquisitions, but GeeksForLess has remained its trusted software development partner for over a decade.

PREREQUISITES

Documentation

  • Proprietary SIEM system installation, configuration, and upgrade guide
  • Event collection guide (receivers, collectors, parsers, correlators)
  • Log adapters creation guides (hardware and software specific)
  • Event processing language developer’s guide
  • SQL language extensions

TRANSITION

6 weeks

  • Completed training and studying the documentation
  • Developed new parsers
  • Optimized several existing parsers
  • Fixed several deployed custom parsers
  • Established release cycle and upgrade procedures

STEADY-STATE OPERATIONS

  • Developed over 30 custom parsers for various types of sources
  • Created preprocessor scripts for log parsing optimization
  • Set up lab environments (Windows, Unix, Oracle) for research and testing new parsers
  • Introduced functional test cases to test new builds nightly
  • Created and updated documentation
  • Provided professional services to customers (Tier 4 support, configuration, and problem investigation)

BENEFITS ACHIEVED

  • Improved performance of the customers’ existing deployed systems
  • Enhanced functionality and richness of data collected by the existing customer instances by customizing the parsers and preprocessors
  • Increased the stability of the core product
  • Improved test coverage of the system
  • Decreased time to market for the new parsers and preprocessors
  • Reduced the costs of R&D