Sekurno

BACKGROUND

OPPORTUNITY / CHALLENGE

• Ensure platform security
• Compliance with rigorous Enterprise security requirements
• Achieve internal security assurance

SOLUTION

• Online Search
• Referral

• Pricing fit our budget
• Referred to me
• Other

• Introductory Meetings and Sales Process: The project began with detailed initial meetings where Sekurno thoroughly explained their approach to security. Their expertise and understanding of our needs built immediate trust, leading us to commit to a 2-year contract without hesitation.
• Project Execution: Throughout the execution phase, we were constantly informed about the project's progress. Sekurno's team was diligent in communicating all critical findings promptly, ensuring we could take swift action when necessary.
• Reporting Phase: The culmination of the project was marked by Sekurno delivering a comprehensive, password-protected report. This not only detailed the vulnerabilities found but also underscored Sekurno's serious commitment to maintaining our security. The report provided us with clear guidance on prioritizing and addressing the identified issues.

RESULTS & FEEDBACK

BACKGROUND

OPPORTUNITY / CHALLENGE

• Meeting Compliance Requirement
• Provide Evidence for Customers of our commitment to security
• Internal Security Assurance

SOLUTION

• Online Search
• Clutch Site

• High ratings
• Pricing fit our budget
• Great culture fit
• Company values aligned

• Sales Process: The project began with an initial conversation about our need for penetration testing. Sekurno was one of five vendors we considered. Their presentation stood out due to its directness and the thorough explanation of the need for white box testing, which was different from what other vendors offered.
• Negotiation Phase: We had a smooth negotiation process with Sekurno, focusing on aligning our budget and security needs. The agreement reached was mutually beneficial.
• Project Execution: The project involved an extensive penetration test. Communication was effective and mainly through Slack, which kept us well-informed about the project’s progress.
• Key Deliverables: We received a comprehensive vulnerability report followed by a retest to ensure all the identified issues were resolved. The deliverables also included an attestation letter confirming the successful remediation of the vulnerabilities.
• Final Phase: The project concluded with the presentation of a detailed report and the provision of the attestation letter. The report was particularly noted for its clarity and easy readability, combining both technical details and high-level information effectively.

RESULTS & FEEDBACK

• Virtual Meeting
• Email or Messaging App

BACKGROUND

OPPORTUNITY / CHALLENGE

• Enhancing Security
• Optimizing Transaction Efficiency
• Understand security risks better

SOLUTION

• Online Search
• Referral

• High ratings
• Pricing fits our budget
• Great culture fit
• Referred to me

RESULTS & FEEDBACK

• Virtual Meeting
• Email or Messaging App

BACKGROUND

Introduce your business and what you do there.

As a pioneering force in the ever-evolving global IoT industry, RAKwireless designs and produces inventive, comprehensive IoT solutions. Our robust product portfolio includes over 50 actively produced items, spanning from IoT modules and LoRaWAN Gateways to ready-to-deploy Node devices. These offerings cater to a wide spectrum of customers, encompassing both IoT developers and deployers.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address?

Over the past few years, our growth trajectory has been steep, with numerous B2B and B2C product launches, several of which have seen extraordinary popularity. As our market presence and customer base expanded, the necessity to enhance our product security became increasingly apparent. This became crucial not only to safeguard our customers and their data but also to uphold our reputation. 

Consequently, we set an objective to align our company and products with ISO 27001 standards and GDPR regulations. Thus, we found ourselves in pursuit of a comprehensive, sophisticated cybersecurity program and sought out a proficient and trustworthy service provider.

SOLUTION

What was the scope of their involvement and team dynamic?

Our partnership with Sekurno originated from the penetration testing of our critical software product, a comprehensive remote IoT fleet management system. With its role in handling sensitive data, we needed assurance of its security. 

We aimed to undertake a thorough security audit, scrutinizing our infrastructure and the interaction between cloud and device, to meet the most stringent standards. Accordingly, Sekurno initiated a white box penetration test of our web application and APIs, scrutinizing the front-end, back-end, and source code.
The security concerns identified by Sekurno's pen testers were meticulously documented in a report, which included a proof of concept for each issue. Additionally, they collaborated with our development team in implementing fixes and testing them, ensuring the security of our application and APIs.
Given the fruitful collaboration between Sekurno's experts and our software developers, as well as the insightful penetration test results, we extended our partnership to include the Software Security Development Lifecycle (SSDLC). This step aimed at incorporating top-notch security practices into our software development process. The Sekurno team conducted a gap analysis of our existing code based on penetration test results, followed by a review of our SDLC to uncover specifics of our internal development process. Based on these findings, they assembled a security team to collaborate with our developers throughout all stages of the software development process, including risk analysis during the design phase, establishing security requirements parallel to functional ones, and aligning security testing with development.
In our pursuit of ISO 27001 compliance, we expanded our collaboration with Sekurno to establish an Information Security Management System (ISMS) that aligns with the standard and prepares us for certification. They conducted a comprehensive assessment of our company, developed an action plan to bridge gaps, and guided us through ISO27001 implementation, certification, and subsequent ISMS maintenance tasks.
Sekurno also assisted us in achieving another critical compliance milestone, the GDPR. Given our strategic focus on the EU market, we needed to ensure that our software development abided by the principles of privacy by default and privacy by design. Sekurno carried out a GDPR compliance audit for several RAKwireless software products, delivering an Internal Audit Report, GDPR-required documentation, Records of Processing Activities (ROPA), Legitimate Interests Assessments/Data Protection Impact Assessments (LIAs/DPIAs), Standard Contractual Clauses (SCC), EU representative assignments, Data Protection Officer (DPO) assignments, and a final report detailing the results of the GDPR compliance assessment.

What's the status of this engagement?

Having achieved ISO 27001 certification and advanced our GDPR compliance to a level suitable for global operation, particularly within the EU, we have now redirected our partnership with Sekurno towards vulnerability management, DPO, and EU representative outsourcing for GDPR-related activities.

RESULTS & FEEDBACK

How did your relationship with your partner evolve?

Our relationship with Sekurno has evolved gradually, increasing both in the complexity and volume of tasks assigned. We've progressed from conducting a penetration test on a single web application to testing multiple products, eventually incorporating Sekurno into our core software development processes. Their involvement in the Software Security Development Lifecycle (SSDLC) has effectively preempted numerous significant security issues during development, which has proven to be immensely valuable. They later took charge of compliance projects that held, and continue to hold, strategic importance for us.
In terms of outcomes, beyond enhancing our internal and external processes from a security perspective and achieving ISO 27001 and GDPR compliance, one of the most crucial results is our preparedness for security-focused discussions with our customers. Such conversations have been increasingly frequent, and we're now well-equipped to provide detailed and convincing responses to our customers' inquiries.
Our collaboration with Sekurno has consistently been seamless. They've delivered on time, and any extensions in timelines were only due to our decision to expand the scope of tasks. Their project management has been exceptional, exceeding our expectations.
What sets Sekurno apart is their ability to compete with larger firms despite their relatively smaller size. Their compact structure facilitates more manageable project management and offers competitive pricing. They've repeatedly demonstrated their capabilities and competence.
One particularly commendable aspect of our collaboration with Sekurno is their integrity. They never attempt to push services we don't need, focusing instead on what's currently essential and beneficial for us as a client.

In what ways can they improve?

While there's hardly anything to critique, one recommendation would be the implementation of a customer portal. This platform could facilitate sharing of findings and deliverables with customers, and also support additional workflows. I believe such an initiative could bring substantial benefits to both parties.

What advice do you have for clients with similar needs to yours?

For companies contemplating cybersecurity programs, my recommendation would be not to delay until the situation becomes critical. Select individuals and teams with the required expertise and place your trust in them to manage your cybersecurity responsibilities.

UPDATED REVIEW

This review was published on July 14, 2021.

VP, RAKwireless

Manufacturing

51-200 Employees

Shenzhen, China

$10,000 to $49,999

Dec 2020 - Feb 2021

Project summary

Sekurno provided full security audits for an IoT solutions company. The client wanted the vendor to focus on their cloud infrastructures and their vulnerabilities to bugs and cybersecurity threats.

Feedback summary

Sekurno led a transparent, trustworthy service that exhibited confidence in their extensive technical skills. They guided the company through the implementation of their suggestions and even provided additional testing. The client also praised their smooth workflow.

BACKGROUND

Please describe your company and your position there.

RAKwireless is a pioneer in providing innovated and diverse LPWAN connectivity solutions for IoT edge devices, for both enterprises, SMB and individuals. IoT solutions should not be complex. We strive for simplicity and effectiveness in all products we develop.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Sekurno?

We have Fleet Management System for our gateways, which handels sensitive date. We wanted to do a full security audit (to make sure we meet the highest standards) and we wanted Sekurno to review our infrastructure and mechanisms between cloud and device.

SOLUTION

How did you select this vendor and what were the deciding factors?

Our partner referred us to Sekurno, and after interviewing a number of potential candidates, Sekurno came out as best. Professional approach, clear outlines, and a good offer. No hidden fee's whatsoever.

Describe the project in detail and walk through the stages of the project.

The scope of Sekurno included penetration testing of our web-application and API's. They were tasked with checking the front-end, backend, source code, vulnerabilities and security bugs -consolidated in a detailed report with proof of concept for each issue. Besides that Sekurno also worked together with our development team on implementing all the fixes and testing all the implementations, to make sure the application and API's were safe.

How many resources from the vendor's team worked with you, and what were their positions?

Sekurno - Senior Penetration Tester & Lead - Senior Penetration Tester Partner / RAK - PM - QA - DevOps - FE - BA - AWS Experts

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

• Report with business summary, security issues identified, technical details, and recommendations on fixing.
• The Checklist with the results of tests performed.
• Guidance on implementation of fixes
• Additional testing to make sure all issues are fixed

How effective was the workflow between your team and theirs?

After discussing the workflow between the teams, all went very smooth. Sekurno kept us (stakeholders) updated during the investigation and also discussed some things preliminary with our development partner.

What did you find most impressive or unique about this company?

The people at Sekurno clearly know what they are doing and don't shy away from a challenge. Although this review is focussed on 1 project only, we are currently running multiple projects with them in parallel. Sekurno every time finds a way to meet our business needs, even though while in some cases they don't have the expertise in house yet. They have a trusted network of partners. Which is great for us as client.

Are there any areas for improvement or something they could have done differently?

We are very satisfied and at this moment, we have no additional recommendations on what could be done differently or better.

Overall rating: 5

Quality: 5

Cost: 5

Schedule: 5

Willing to refer: 5

BACKGROUND

Please describe your company and position.

I am the information security officer of Performica

Describe what your company does in a single sentence.

Performica is a cloud HRM service designed to provide data-driven guidance to proactively retain employees. It helps HR teams to understand the well-being of the personnel, how efficiently people interact between teams with each other, and what is their opinions about the company.

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire Sekurno to accomplish?

• conduct penetration test by a third-party pentester to pass the audit for SOC2 type 2.
• assess security posture of our application

SOLUTION

How did you find Sekurno?

• Online Search
• Referral

Why did you select Sekurno over others?

• High ratings
• Pricing fit our budget
• Great culture fit
• Referred to me

How many teammates from Sekurno were assigned to this project?

2-5 Employees

Describe the scope of work in detail. Please include a summary of key deliverables.

We approached Sekurno with a grey box pentest task. The pentesters were communicating with the developers, however, did not have access to the source code. Essentially, it turned out to be a web pentest with AWS infrastructure checks included into the scope. Sekurno team provided us with good deliverables: 

• a detailed penetration test report containing clearfindings and actionable recommendations. 
• checklists with all the tests performed by the Sekurno Team 
• Threat Models developed during the project planning phase. Also, we had a very useful QnA session devoted to pentest results with Sekurno team.

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

• One of the most important outcomes of the project is that Sekurno team was able to identify the security issue with data filtering. It was not working the way it should have. What makes this result even more valuable, is that this issue had been overlooked by some Cybersecurity giants that had tested our application before Sekurno. 
• They tested this application before, but none of them found it. I think, it is really great that Sekurno researchers were able to find this vulnerability in our application.

Describe their project management. Did they deliver items on time? How did they respond to your needs?

The project management worked really well. Everything was delivered on time; all timelines were observed. The workflows were managed really well. We had access to a shared Slack channel, and everyone from our team was able to get information from the researchers and communicate with the Sekurno team without obstructions. 

At the same time, pentesters were also using it to inform us instantly about new requests, such as IP addresses to whitelist, and ask more questions about how the application works.

What was your primary form of communication with Sekurno?

• Virtual Meeting
• Email or Messaging App

What did you find most impressive or unique about this company?

The most impressive about Sekurno is their proven ability to go deeper and discover more than big cybersecurity vendors.

Are there any areas for improvement or something Sekurno could have done differently?

I believe Sekurno is doing everything great already.

BACKGROUND

Please describe your company and position.

I am the Chief AI Officer (CAIO) of DocDigitizer

Describe what your company does in a single sentence.

DocDigitizer is a Cognitive Data Capture / Intelligent Document Processing SaaS , with (near) 100% accuracy guaranteed by SLAs, Zero Set-up and full Pay-per-Use.

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire Sekurno to accomplish?

• Enhancing Information Security
• Compliance and Certification for ISO 27001
• Access the Security Posture
• Run White-Hat Hacking

SOLUTION

How did you find Sekurno?

Summit / Conference

Why did you select Sekurno over others?

• High ratings
• Pricing fit our budget
• Great culture fit
• Company values aligned

What was the size of Sekurno’s team?

2-5 Employees

Describe the scope of work in detail. Please include a summary of key deliverables.

During the preparation stage, in order for Sekurno to do a good job, they needed to have access to two things, t the clone of the platform that our customers use, and also the source code of the application so that they could do a deep dive and detect all kinds of vulnerabilities, that may not be evident if the system is accessed only through the web browser.

It was a wise choice to create a clone because Sekurno engineers were able to bring the system down on a number of occasions during testing procedures. Kudos to them for that.

The second challenge at the preparation stage was connected with giving access to the code, for which we created a special isolated infrastructure using VPNs and other mechanisms for our control. Using this infrastructure that we have set up, we deployed the code and gave Sekurno what it needed to access it. All these arrangements were done together with Sekurno and would prove to be helpful to anyone who is the first time on a project such as this like we were.

The pentesting stage started after we clearly defined the scope, listed the APIs, defined the phases and all the requirements, defined what we would be doing, what would be the outcomes, what the report would be like, etc.

The reporting stage was the next one, but I want to stress that Sekurno team instantly notified us of the findings, which, if exploited, had the potential of serious business process disruption, and it was already happening during the pentesting stage. During the reporting stage there was an Analysis Report discussion, then followed the fixing of the vulnerabilities, and resetting the system.

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

Sekurno team managed to find critical vulnerabilities which were successfully removed. I have to confess it’s a bit of a sweet-and-sour feeling when you feel happy because you find the vulnerabilities and feel unhappy because you have them. But it’s way better to have them discovered during pentesting, than after a malicious attack. So this pentesting was a great result for both of us.

Describe their project management. Did they deliver items on time? How did they respond to your needs?

Everything was great. If there were some minor project pauses caused by delays with deliverables from our side, like restoring the testing environment, we always felt that Sekurno was there and ready to jump in. And they were very helpful during all the stages. These minor impediments were caused by the need to allocate resources for restoring the testing environment, at the same time maintaining normal operation of the essential business processes. And it was really nicely managed by Sekurno.

Never in a moment, we felt like they were too pushy. For each finding we saw that we really needed to look into them, because these guys were providing a very good service. We loved the critical findings reports. The communications were there: we felt during the entire four week project span that Sekurno guys were doing necessary stuff and communicating.

What was your primary form of communication with Sekurno?

• In-Person Meeting
• Virtual Meeting
• Email
• Messaging App

What did you find most impressive or unique about this company?

I would say that the project management was quite good. PM Christina was amazing in dropping us lines when we needed them, and stuff like that, at every stage of the project. The overall clear success of the project was greatly due to the project management and well thought through phases. I would like to add that their project management process greatly helped us increase maturity in securing our applications.

Are there any areas for improvement or something Sekurno could have done differently?

Although this point is not direct responsibility of Sekurno, It would be beneficial for us to have a the start of the project some training sessions regarding the all approach of pen testing. For companies taking the first steps this can be helpful.

BACKGROUND

Please describe your company and position.

I am the CEO of Lobby X

Describe what your company does in a single sentence.

Human Capital Platform and Recruiting Agency

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire Sekurno to accomplish?

• Penetration test
• Information security check

SOLUTION

How did you find Sekurno?

Referral, Other

Why did you select Sekurno over others?

Referred to me

What was your primary form of communication with Sekurno?

Virtual Meeting

Describe the scope of work in detail. Please include a summary of key deliverables.

Considering the sensitive nature of the personal information of the candidates which we handle at our backend platform for numerous business processes and workflows, we were determined to provide a maximum level of cybersecurity.

So we decided to consult an expert cybersecurity service provider able to minimize breach probability. To achieve this, we ordered a white box penetration test of this backend system and API, to identify vulnerabilities potentially leading to unauthorized access to databases and get recommendations for their elimination.

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

• Indicated issues in cybersecurity

Describe their project management. Did they deliver items on time? How did they respond to your needs?

During our intro talks, we described the project details and timeframes. Following the white box pentest procedure we created a testing environment, provided a system brief with a detailed description of functionality and mechanisms, database and application configurations, created testing accounts for 4 different roles and so the project began.

Our DevOps and Sekurno team maintained continuous communication at all stages of the pentest project which lasted for 3 weeks. Pentesters used both manual and automated testing, in particular such tools as TruffleHog and others, and the results presented in the final report appeared to be quite valuable and convincing.

We had recommendations as to the removal of the identified vulnerabilities of different severity levels, as well as general recommendations to be taken into account by the developers for future tasks.

Upon completion of the fixes, the Sekurno team conducted a follow-up testing to make sure everything was fixed as planned and recommended.

What did you find most impressive or unique about this company?

The most impressive thing was how smoothly the whole project was completed. Their competence and professionalism also added to overall positive impression about Sekurno.

Are there any areas for improvement or something {provider_name} could have done differently?

Nothing I can think about, everything’s fine.

BACKGROUND

Please describe your company and your position there.

I'm the CEO of a game studio that develops and publishes mobile games.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Sekurno?

We were looking for an external cybersecurity company to perform an annual penetration test and security assessment of one of our games that runs on desktop as well as mobile.

SOLUTION

How did you select this vendor and what were the deciding factors?

We selected this vendor based on their level of expertise as well as their warm and friendly approach with us.

Describe the project in detail and walk through the stages of the project.

We needed a penetration test and security assessment of our game that runs on the Facebook Platform as part of a Data Protection Assessment Compliance requirements set by Meta Platforms Inc. Specifically, the vendor conducted Static Application Security Testing of the client Code-base as well as Static Application Security Testing of the Backend.

The goal was to identify areas of potential weakness and provide evidence of existing vulnerabilities.

Deliverables included:

• Pentest report
• Document with all tests performed by the team
• Consulting with our development team to help address issues found
• Follow-up test
• Letter of attestation after the follow-up test.

How many resources from the vendor's team worked with you, and what were their positions?

The vendors team comprised a project manager, 1 security analyst and 3 penetration testers.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

They provided a well put together set of security assessment reports that provided comprehensive coverage and analysis of our code base and backend. They also provided competent consulting to help us address and solve the vulnerability and security issues found.

How effective was the workflow between your team and theirs?

They were prompt and very fast! We had a very ambitious schedule to get the security assessment and pen test started and completed and they made themselves available to consult with our team at all key moments. They met all the schedule milestones and shared our sense of urgency to the point that they felt very much a part of our team.

What did you find most impressive or unique about this company?

They had great empathy and understood our needs perfectly. And their level of competence was as high as we could have hoped for.

Are there any areas for improvement or something they could have done differently?

They surpassed our expectations. We can't think of any complaints.

BACKGROUND

Please describe your company and your position there.

My position is CTO at OMO Systems. We are an IoT service provider focussed on all-in-one property automation by integrating partner solutions and devices into a broad IoT ecosystem. We deliver technology solutions for access control, security & comfort suitable for multi-family buildings, HORECA, and commercial properties. Our goal is to make smart places accessible to everyone who has a smartphone.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Sekurno?

We hired the vendor to help us set up an information security management system in accordance with the ISO 27001 standard, follow the best practices in the realm of cybersecurity and eventually prepare ourselves to get certified.

SOLUTION

How did you select this vendor and what were the deciding factors?

When we faced the necessity of a cybersecurity solution, we weighed several vendors against each other and Sekurno’s subscription offer played a decisive role as the format of a continuous support with affordable payload was exactly what fit us best.

Describe the project in detail and walk through the stages of the project.

The project set off with the overall organization profile assessment which led to the creation of the action plan to be implemented in order to fill the gaps which our company had at the time. The action plan included policies creation; asset management; systems and processes updates in order to prepare ourselves for the audit and achieving the compliance status.

How many resources from the vendor's team worked with you, and what were their positions?

There were 2 compliance officers and 1 project manager from the Sekurno team who worked with us during the whole project. The CEO of Sekurno also participated in status update meetings and progress reviews.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

The biggest outcomes are:

• clear, reasonable action plan to follow and check the progress against;
• enhanced and more secure operational processes set up by the introduced policies and best practice procedures;
• raised awareness regarding security risks and methods of overcoming them;
• we have obtained a leverage in a communicative process with our potential investors and partners by securing our systems and setting up secured operational processes within the company;
• establishment of an Information Security Management System (ISMS) in the organization.

How effective was the workflow between your team and theirs?

The workflow was rather productive. We can highlight:

1. Their proactive approach allowed us to achieve perceptible results quickly;
2. straightforward communication and a firm control over the task accomplishment kept us alert and focused;
3. clear and understandable workflow allowed us to get familiar with the intricacies of the compliance process.

What did you find most impressive or unique about this company?

Proactivity and leading qualities of the team members; High responsibility and charge of the domain the team if answerable for; Flawlessness of the team integration;

Are there any areas for improvement or something they could have done differently?

No particular advice. The team is doing their job and accumulating experience from it - we felt the dedication and remained satisfied with the cooperation, so there is a high possibility that we’ll stay connected with the vendor for the future security projects as well.

BACKGROUND

Please describe your company and your position there.

I'm a Deputy Technical Director at MGID. We are pioneers in native advertising and offer a performance-driven platform for the real-time buying, selling, and management of native ads. MGID helps publishers monetize their audience with engaging yet non-intrusive ads, as well as grow and retain their readers. Furthermore, MGID drives performance and awareness for brands by connecting them to the right audience, at the right time, with the relevant ad content.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Sekurno?

We hired the vendor to conduct Web Applications Penetration Testing to detect and mitigate possible vulnerabilities in our services, determine improvement actions and secure our clients’ data.

SOLUTION

How did you select this vendor and what were the deciding factors?

When we faced the necessity of a cybersecurity solution, we addressed the vendor we had contacted and communicated with before. Sekurno was recommended to us as a trustworthy security partner

Describe the project in detail and walk through the stages of the project.

Our initial request was a subdomain vulnerability check aimed to detect weaknesses and blind spots with subsequent action plan implementation. The second project was a dashboard vulnerability check. Having the dashboard secured is crucial to client data protection as it is a significant client-faced element constantly receiving and processing user information

How many resources from the vendor's team worked with you, and what were their positions?

There were 2 security engineers and 1 project manager from the Sekurno team who worked with us during the whole project. The CEO of Sekurno also participated in status update meetings

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

The biggest outcomes are: - fixed critical vulnerabilities; - raised awareness regarding security risks and methods of overcoming them; - QA best practices update

How effective was the workflow between your team and theirs?

The workflow was trouble-free and straightforward. Friendly and supportive communication made it effortless for us to cooperate and achieve results. We are completely satisfied with the transparency of the reports provided and the responsiveness of the vendor’s team. We were getting timely and relevant feedback upon request throughout the project

What did you find most impressive or unique about this company?

Sekurno team detected and reported several critical vulnerabilities ahead of completing a general testing process which gave our internal team an opportunity to eliminate the risk as soon as possible

Are there any areas for improvement or something they could have done differently?

We would love to hold an offline meeting with the vendor team members to have closer contact and deeper business relationship. The vendor’s team did great, and we encourage them to keep growing and sharpen their skills.