The Strong Interest Of Ragnar Corporation In Security Challenges

Learn more about how Ragnar Corporation has proactively responded to protect the T-Reg application web through the Penetration Testing method.

Ragnar is a technology start-up company in Bangkok, Thailand. Ragnar specializes in providing cybersecurity solutions and managing legal processes in the financial industry through technology for companies, businesses, and organizations in Thailand. Ragnar currently owns 5 different start-up units that are participating in research and development of the end-to-end technology ecosystem.

T-Reg is a platform for organizations within Thailand needing to ensure their compliance with Thailand’s Cybersecurity Law and Personal Data Protection Act (PDPA). Therefore, Ragnar Corporation designed Methodology 3.0 or procedures to comply with the law. The PDPA, also known as the 3E Framework, consists of 3 steps: Educate, Explore, and Execute. This is the first step in implementing the PDPA project using the T-Reg platform, which helps the project to be carried out systematically and allows users to ensure their long-term legal compliance.

With responsibility for managing personal information, Ragnar is well aware of the importance of cybersecurity and places data safety as a top priority. To ensure that the T-Reg system met the highest safety standards, Ragnar decided to partner with an external security agency to conduct a comprehensive review.

As a cybersecurity company, Ragnar was soon highly aware of the level of risk that not ensuring data security can affect the business operations of the business as well as its customers. uses the T-Reg platform.

Ragnar has proactively learned about third-party security units. After searching for many companies from many countries around the world, Ragnar chose CyStack as the security partner for this project.

The solution used is Penetration Testing, following the direction of Gray-box testing following Ragnar's requirements. Gray-box helps assess an organization's vulnerability to internal threats, saving time and optimizing costs for businesses. The Gray-box format helps CyStack localize endpoints that need to be tested, understand business functions quickly, and reduce unnecessary communication.

Implementation time: From June 2023, within 15 days

Test object: Web application

The organization faced significant challenges in ensuring proper authorization design and access control across critical system components. Through the penetration testing engagement, multiple high-severity security vulnerabilities were identified and thoroughly remediated.

The consulting and remediation process helped strengthen the authorization framework, prevent inappropriate access, and improve the platform’s overall security posture. Following a rigorous assessment based on international standards, Ragnar was awarded a Cybersecurity Certificate from CyStack, recognizing its compliance and capability in maintaining cybersecurity assurance.

The accomplishment of this project would not have been achievable without the robust assistance provided by our Business Development and Security Engineering teams. These two groups have played a vital role, working closely together to guarantee the stable and secure advancement of Ragnar.

Business Development Team: Coordination between the two parties is an important factor to complete the project in a short time and ensure Ragnar's required time. The close integration of our Business Development team and Ragnar has created a productive working environment.

Security Engineering Team: CyStack placed strong emphasis on ensuring that the authorization design was secure and optimized to minimize risk. Our experts conducted thorough testing and assessed every aspect of the system to establish robust solutions aligned with both operational efficiency and security best practices. This enabled Ragnar to prevent threats that could arise from the misuse of user privileges.

CyStack is a cybersecurity company based in Vietnam since 2017. We offer comprehensive solutions, including testing, security consulting, and managed services. With over 200 businesses and 20,000 users around the world, we are recognized as a trusted partner for organizations and a strong leading firm in cybersecurity research and development.

For more information, please visit: https://cystack.net/

“Exploring cybersecurity is crucial for safeguarding data, customer information, and countering cyber threats. A robust cybersecurity strategy helps prevent financial losses, preserves the business's reputation, and builds trust with customers, making it an essential component for sustained success in every company.” – Mr. Wisutthichart Khemklad, DevOps Engineer at Ragnar Corporation.

“The quality of work, the professional coordination of the team of experts, the speed of processing, the technical support, the price – all are outstanding. We are looking forward to the next cooperation.” – Mr. Wisutthichart Khemklad, DevOps Engineer at Ragnar Corporation.

“After this collaboration, Ragnar has received a lot of things. A trusted certification from a reputable cybersecurity company, a more secure platform for users, trust from our customers, and new security knowledge.” – Mr. Wisutthichart Khemklad, DevOps Engineer at Ragnar Corporation.