In order to meet stringent security protocols, the firm needed to conduct annual penetration tests on their web and mobile applications across business functions. This needed to be complemented with quarterly automated scans of the production URLs to identify and remediate security threats. With the aim to structure their testing activity into a comprehensive vulnerability program, the firm also had to operationalize the test results. However, the lack of a holistic testing framework made it difficult to schedule tests and adhere to predefined SLAs and timelines.
TCS implemented a structured enterprise-wide vulnerability management framework, which combined automated scans and manual testing processes for all applications. Deploying over 100 test cases across categories, we ensured accurate identification, analysis, and reporting of critical findings defined in-line with the severity index. Based on the results, we delivered customized remediation measures.
Leveraging TCS’ vulnerability checklist and risk assessment matrix, the firm could gauge, segment, and neutralize varying security issues. We also conducted and reported test findings and vulnerability trends gleaned from periodic statistical analysis to help increase visibility for the firm’s stakeholders. Our solution helped streamline the overall application testing process across different lines of business.
"I rank TCS 1st among my suppliers and recommend them within & outside my organization"
Director, IT Risk & Security