ERP Software Developer
Highly demanding clients: most of the customer’s clients are reliant on their own critical infrastructure.
Mission critical project: in preparation for a major software update, the software developer needed to make sure the new release was secure and protected from potential external and internal threats.
Third-party data centers and cloud platforms
The full and comprehensive assessment was finished within a week and critical anomalies were immediately addressed.
The customer received a full overview of its complex IT infrastructure, including software updates.
Risks were addressed quickly thanks to GuardYoo's recommendations.
This customer is a well-established software development company providing ERP solutions. They employ 350 IT professionals, and their clients include high-profile manufacturing companies who are very much reliant on their own critical infrastructure.
As IT operations are Business-Critical to both the ERP provider and their client base, the company needs to ensure they have a high standard of cyber security.
Because they are part of their clients' 3rd Party Supply Chain, it’s also important that they do not expose the other members of the supply chain to a breach, as this would cost them from both a financial and reputational point of view.
Many of the ERP provider’s clients are connected to the Military, Oil & Gas and Energy sectors and operate in densely populated areas.
Cyber-attacks against such sectors can have disastrous implications such as environmental disaster or national security failure.
While preparing to deliver a major software update to their client base, the ERP provider felt it prudent to have a Compromise Assessment carried out on their systems before pushing the new software update out to their clients. They wanted full visibility of any vulnerabilities within their network to ensure no malicious software was present and that no gaps existed that could be exploited by attackers.
The ERP provider needed to know if there had been any previously undetected breaches on their network and so they chose GuardYoo to deliver a Compromise Assessment audit.
As the GuardYoo solution gathers and analyses historical data that is already available (it does not involve deploying people or devices to monitor the network), it perfectly satisfied the ERP provider’s needs.
As the ERP provider has a relatively small infrastructure but boasts a high level of IT automation, all Windows Log Files were gathered within 2 days and uploaded to the GuardYoo cloud.
GuardYoo proprietary algorithms prepared the data for analysis and sent the results to the GuardYoo analytics engine.
GuardYoo technology ensured the customer had full visibility of proceedings via their secured private account, allowing them to monitor each phase and the validation process.
The entire network was mapped within a 24-hour period, and the mapping highlighted many areas that could potentially be exploited by hackers to gain access.
The final report was delivered to the customer in PDF Format.
The GuardYoo Threat Hunting Team outlined a detailed list of Corrective Actions that should be adopted by the ERP provider as part of their long-term strategic plan for cyber security.
7 cases of Critical Threats and 6 cases of Moderate Threats were discovered.
Examples of these threats included:
Unauthorised use of PSEXEC on Business-Critical servers
Non-Encrypted sensitive data available to external connections
Multiple cases of Unauthorised Remote Access software being used
Malware present within the network which had been dormant for over 3 months
Multiple cases of Open Administrative Sessions between various servers
As the majority of these findings were considered High Risk, the ERP provider’s IT security team immediately addressed the corrective actions outlined by GuardYoo.
GuardYoo’s Compromise Assessment audit led to a very important review of the ERP provider’s existing cybersecurity strategy.
Because of the nature of the vulnerabilities found and the potential threat to the wider Supply Chain, some software updates were postponed. GuardYoo’s Compromise Assessment audit helped the ERP provider’s Cyber Team identify which projects needed to be prioritised.
The ERP provider agreed that the Compromise Assessment audit provided much more relevant results in comparison to Penetration Tests taken in the past.
As a result, the customer committed to undertake regular GuardYoo Compromise Assessments as part of their overall cyber security strategy.