Antsomi proactively responds to security threats

Discover how Antsomi stays one step ahead to protect its applications from cyber threats with CyStack’s reliable assistance.

Antsomi is a marketing technology start-up that specializes in providing artificial intelligence solutions. With the mission of helping businesses transform digitally, Antsomi has built the first artificial intelligence integration platform, CDP 365, to help businesses store customer data from many different sources.

However, during the process of evaluating the application before release, Antsomi encountered some problems. The complexity of the application system, the constant update rate, and not having an internal security team are the reasons why Antsomi proactively sought a third-party security unit. After a process of research and study, Antsomi has confidently chosen CyStack as a security partner to support consulting and implement security enhancement solutions for their CDP 365 customer data platform project.

The CDP 365 application was built to meet the need for managing information from multiple sources, including websites and API connectors. To ensure performance and security, the application leverages Cloudflare’s CDN and WAF. Its infrastructure is hosted on the cloud, enabling optimized data processing workflows and providing a flexible, scalable environment for managing diverse information sources

The solution chosen is Vulnerability Management.

Implementation time: 2 years (January 2022 - January 2024).

Our workflow includes:

• Assess security vulnerabilities: Deploy automatic scanning through the CyStack Web Security (CWS) tool developed by the CyStack team, helping to automatically check and scan subdomains and IP addresses in the internal network; detect vulnerabilities using fuzzing techniques with CyStack's security vulnerability database.
• Penetration testing: A type of simulation of a cyber security attack on a system, computer network, or web application to detect security vulnerabilities that can be exploited. Penetration testing is performed by security experts, using a variety of tools and techniques to evaluate the security of the target environment, thereby finding weak points that can be attacked.
• Deploy a bug bounty program: On our WhiteHub security platform, leverage the power of the community to improve vulnerability detection. The bug bounty program is a form of community security that rewards individuals or groups, also known as white hat hackers, who discover and submit reports on security vulnerabilities in software, or enterprise systems. Businesses offer bonus levels, which can be equal to money, souvenirs, or registration forms, creating motivation for white hat hackers to search and report found vulnerabilities.
• Set up continuous monitoring: To detect security incidents early, help limit risks, and maintain system safety.

The customer requested that scanning be implemented through a proxy to effectively manage network traffic and IP addresses involved in vulnerability scanning. Although we could comply with this request, the efficiency of the process will be significantly reduced due to the use of proxies.

Through the crowdsourced security program, the company received numerous valuable reports and identified a large number of vulnerabilities across multiple severity levels.

Remediation efforts were prioritized for critical risk areas related to data queries, access control, and authorization, thereby contributing to the overall security of the system.

From a financial perspective, Antsomi was able to optimize costs significantly by avoiding the need to hire an internal security team. This not only provided greater cost flexibility but also enabled the company to manage cash flow more effectively through fixed-cost planning.

At the same time, Antsomi’s operational efficiency improved considerably. With deep expertise and extensive experience in cybersecurity, CyStack not only helped Antsomi address issues effectively but also provided innovative solutions and ensured the highest possible level of system security.

The success of this project would not be possible without strong support from our Business Development and Security Engineering teams. These two teams have played an important role, collaborating to ensure the stable and safe development of Antsomi.

Business Development Team:

• Work with the internal security team to advise on appropriate solutions to ensure comprehensive security for Antsomi.
• Submit reports on time to notify discovered vulnerabilities.

Security Engineering Team:

• Evaluate the severity of each vulnerability, thereby giving priority to remediation, helping Antsomi optimize the vulnerability remediation process and minimize security risks.
• Consulting on design changes and solutions for system-wide vulnerabilities.
• Re-evaluate the fixed vulnerability thoroughly, and find all measures to bypass it before concluding that the vulnerability has been completely fixed.

CyStack is a cybersecurity company based in Vietnam since 2017. We offer comprehensive solutions, including testing, security consulting, and managed services. With over 200 businesses and 20,000 users around the world, we are recognized as a trusted partner for organizations and a strong leading firm in cybersecurity research and development.

For more information, please visit: https://cystack.net/

“Investing in system security is of utmost importance for every business in today’s digital age. We have early recognized that this is a critical factor that cannot be taken lightly in our business development.” – Mr. Bach Quang Bao Toan, Co-Founder & CTO of Antsomi CDP 365 & Ants Programmatic.

“Although we have not experienced any security incidents in the past, we prioritize prevention over problem-solving. Security is our top priority to stay one step ahead of hacker attacks.” – Mr. Bach Quang Bao Toan, Co-Founder & CTO of Antsomi CDP 365 & Ants Programmatic.

“In the past, we have tried several other security solutions but did not achieve the expected results. However, CyStack has truly impressed us with the exceptional quality of service and the enthusiastic support provided by its team of professionals.” – Mr. Bach Quang Bao Toan, Co-Founder & CTO of Antsomi CDP 365 & Ants Programmatic.