We have completed a security assessment of the promising platform MEF.DEV
This project was of particular interest to us, since it focused on digital transformation in the field of telecommunications, for which we also provide a wide range of services.
The security risk assessment was based on the results of a penetration test. H-X used an integrated approach based on ISO 27005, CRAMM and British Standards Institution (BSI) guidelines to improve our threat and risk analysis of detected security issues and optimise risk assessment and risk handling decisions. Best practices from OSSTMM (Open-Source Security Testing Methodology Manual), OWASP (Open Web Application Security Project), NIST, ISACA were used. Automated and manual methods were used to assess the security of the target systems.
As a result of the initial assessment, several vulnerabilities of different criticality levels were detected. The client received a detailed report with recommendations, as a result of which the vulnerabilities were promptly eliminated by the developers. Repeated testing confirmed that the MEF.DEV platform had gained a sufficient level of security for public use.
Here is the certificate of passing the audit: