A heavy equipment manufacturer had a need to assess security in applications as they developed services to collect real-time data from devices and enhance predictive maintenance capability.
Enabling network access to the client’s equipment elevates risk to its customers. The client needed to reassure its customer that leading practices were taken to contain risk.
Our service included Application and IoT Security. We conducted web, mobile application, and API penetration testing to identify weaknesses. The Application Security service also included educating the client’s team regarding secure configuration of cloud services and secure coding practices. The IoT service focused on securing network protocols and interfaces to target devices.
The results achieved as a result of the engagements include:
- Enabled new revenue streams without significantly exposing the business to elevated risk
- Definition of cybersecurity controls enabled the client to manage cyber risk of new product features
- Increase cybersecurity awareness and enhanced the cyber risk culture