CyStack products used


From July 12, 2021 to October 11, 2021, CyStack performed a security assessment and vulnerability management for ShopBase applications. The system is tested by leading Pen-testers at CyStack and a team of community experts on the WhiteHub platform. The purpose of this project is to identify security weaknesses, provide remedial recommendations, and provide continuous feedback, in order to minimize information security risks on the system at all times.

OpenCommerce Group And Extraordinary Journey Through Vulnerability Remediation

CyStack’s solution supports OpenCommerce Group to identify and address vulnerabilities, safeguard critical information, and minimize its expenses.

OpenCommerce Group & A Journey Through Vulnerability Remediation
OpenCommerce And Extraordinary Journey Through Vulnerability Remediation

About OpenCommerce Group

OpenCommerce Group (OCG), established in 2017, is a leading technology company providing e-commerce solutions in Vietnam. With over a decade of experience operating and serving hundreds of thousands of businesses worldwide, the business has developed a modern technology platform and assembled an experienced team that helps online store owners grow and scale up. OCG currently serves the largest and most vibrant markets like the United States and China, from building the initial foundations such as creating websites and optimizing conversion rates, to managing goods and logistics.

With the mission of connecting and creating a launching pad for e-commerce businesses and domestic and international brands, OpenCommerce has built a cutting-edge technology ecosystem that integrates the entire online shopping journey, especially cross-border transactions. As a result, OpenCommerce has earned the trust of over 1 million enterprise customers worldwide, affirming its brand reputation and solidifying its position in the ever-changing market.


“We appreciate the importance of vulnerability management and understand that it is essential for any professional enterprise.” – Mr. Truong Bui, CTO OpenCommerce Group

For businesses in the e-commerce industry, including OpenCommerce Group, vulnerability attacks are one of the most concerning challenges. This is especially true as more firms actively shift towards online business models, and strengthen their collection and storage of customer data. Security vulnerabilities refer to weaknesses in a company’s system or software that hackers can identify and exploit to gain unauthorized access to sensitive customer information. With the rapid development of technology, attackers are becoming increasingly cunning and elusive, making detection even more difficult.

Security vulnerabilities pose a significant threat to a company’s cybersecurity and its customers. Such breaches can lead to detrimental consequences, from critical data loss to the disclosure of sensitive customer information, damaging the company’s reputation. Addressing these challenges requires a high level of expertise and experience in cybersecurity, which OpenCommerce Group currently lacks. Therefore, they have sought assistance from CyStack to tackle their security concerns and manage vulnerabilities.


CyStack has demonstrated great dedication and professionalism in supporting us with managing incidents, resolving issues, and providing comprehensive process consultation.” – Mr. Truong Bui, CTO OpenCommerce Group

Aware of the potential risks posed by vulnerabilities, OpenCommerce Group has decided to choose CyStack’s Vulnerability Management and Managed Bug Bounty solutions to safeguard its e-commerce platform ShopBase – one of the two primary aspects in the business’s ecosystem, created to improve the Drop Shipping and Print-On-Demand (POD) experience for both buyers and sellers.

Vulnerability Management is a continuous security solution CyStack provides to OpenCommerce Group. Our team of security experts has tested, assessed and identified potential vulnerabilities in the ShopBase system, thereby providing solutions and recommendations for remediation.

Besides, we use WhiteHub – the 1st and the biggest crowdsourced security platform developed by CyStack in Vietnam. The bug bounty programs in WhiteHub help identify and address security vulnerabilities in a timely and efficient manner, while also providing a safe and secure environment for ethical hackers to report vulnerabilities.

“The researchers here are dedicated, professional and ready to support 24/7. With a large number of researchers, the process of identifying vulnerabilities is fast and straightforward. Additionally, we greatly value their knowledge and expertise.” – Said the OpenCommerce representative regarding the white-hat hacker community in WhiteHub.”

With a team of skilled and experienced experts, CyStack helps OpenCommerce Group minimize security risks, ensure customer data safety, and enhance the brand reputation of ShopBase. By using CyStack’s services, OpenCommerce Group can streamline the process of identifying and addressing security vulnerabilities, saving time and reducing costs.


  • 98 vulnerabilities resolved, of which 8 are critical and 32 are high
  • Enhance the ability to detect security vulnerabilities to timely address them before being exploited
  • Optimize the performance and ensure the safety of information systems
  • Save costs for recruiting personnel dedicated to detecting security vulnerabilities
  • Improve the brand reputation and customer trust

Final Thoughts

Vulnerability attacks pose a growing threat to e-commerce businesses. Therefore, Vulnerability Management has become a reliable solution to enhance information security and reduce the risk of cyber attacks.

By combining cutting-edge security solutions and a team of experienced experts, CyStack can proficiently tackle any security concerns. Using CyStack’s services helps enterprises not only reduce costs and improve system safety but also fortify their brand reputation in the marketplace.

Other Case Studies

Ragnar Corporation and strong interest in security issues
Case study|
Ragnar Corporation and strong interest in security issues

Learn more about how Ragnar Corporation has proactively responded to protect the T-Reg application web through the Penetration Testing method. About Ragnar Corporation Co.,Ltd Ragnar Corporation is an information technology start-up, based in Bangkok, Thailand. Ragnar specializes in providing cybersecurity solutions and managing legal processes in the financial industry through technology to companies, businesses and […]

Tập đoàn Ragnar và sự quan tâm mạnh mẽ tới các vấn đề về an toàn bảo mật
Case study|
Tập đoàn Ragnar và sự quan tâm mạnh mẽ tới các vấn đề về an toàn bảo mật

Tìm hiểu thêm về cách Tập đoàn Ragnar đã chủ động ứng phó bảo vệ ứng dụng web T-Reg thông qua phương pháp Kiểm thử xâm nhập (Penetration Testing). Giới thiệu về Ragnar Corporation Co., Ltd Tập đoàn Ragnar là một start-up công nghệ thông tin có trụ sở đặt tại Bangkok, Thái Lan. Ragnar […]

Chìa khóa giúp Cellframe đảm bảo an ninh trong ngành công nghiệp blockchain
Case study|
Chìa khóa giúp Cellframe đảm bảo an ninh trong ngành công nghiệp blockchain

Khám phá những thách thức bảo mật mà các công ty blockchain như Cellframe đã gặp phải và cách họ vượt qua chúng. Giới thiệu về Cellframe Cellframe network là một nền tảng thế open source thế hệ mới, có khả năng mở rộng để xây dựng và kết nối các Blockchain cũng như dịch vụ được […]