Giải pháp được lựa chọn
Từ ngày 07/06/2023, CyStack đã thực hiện đánh giá bảo mật cho ứng dụng web T-Reg của Ragnar. Mục đích của dự án này là xác định các điểm yếu về bảo mật, xác định tác động đối với Ragnar, ghi lại tất cả các phát hiện một cách rõ ràng và có thể lặp lại, đồng thời đưa ra các khuyến nghị khắc phục. Ngày 28/06/2023, CyStack đã tiến hành kiểm tra lại để xác nhận Ragnar đã khắc phục toàn bộ các lỗ hổng nghiêm trọng có thể dẫn tới nguy cơ khai thác hoặc phá hoại trực tiếp hệ thống. Tất cả các lỗ hổng bảo mật được phát hiện đều đã được xử lý tuân theo các khuyến nghị từ CyStack.
Learn more about how Ragnar Corporation has proactively responded to protect the T-Reg application web through the Penetration Testing method.
Ragnar Corporation is an information technology start-up, based in Bangkok, Thailand. Ragnar specializes in providing cybersecurity solutions and managing legal processes in the financial industry through technology to companies, businesses and organizations in Thailand. Currently, Ragnar owns 5 different start-ups that are engaged in researching and developing an end-to-end technology ecosystem.
T-Reg is a platform for organizations within Thailand needing to ensure their compliance with Thailand’s Cybersecurity Law and Personal Data Protection Act (PDPA). Therefore, Ragnar Corporation designed Methodology 3.0 or procedures to comply with the law. The PDPA, as known as the 3E Framework, consists of 3 steps: Educate, Explore and Execute. This is the first step in implementing the PDPA project using the T-Reg platform, which helps the project to be carried out systematically and allows users to ensure their long-term legal compliance.
“Investigating cybersecurity is an important and necessary action for businesses to protect data, customer’s information and against threats in the cyber environment. A strong cybersecurity strategy can prevent financial losses, protect the business’s reputation and consolidate trust among customers. Therefore, this is an indispensable investigation for every company’s sustainable success.” – Mr. Wisutthichart Khemklad, DevOps Engineer at Ragnar Corporation.
The world is gradually transitioning into a new technological era with many changes that surprise all mankind. Things that seemed impossible, more or less become reality. The technology game is slowly entering a new chapter. Along with those great things are countless cybersecurity lurking threats, especially for businesses that own large amounts of data worth billions of dollars.
Vulnerabilities are weaknesses which exist in the programming process, creating loopholes for hackers to illegally access system data, and steal sensitive information without following the process. Thereby, it causes unpredictable damage to the business. These vulnerabilities can come from anywhere, from errors appearing in software, operating systems, configurations to mistakes in setting a sketchy account password, not following the correct rules or other acts that cause exposing information and data to the hackers.
As a technology corporation providing network security solutions, Ragnar was early aware of how the risks of not ensuring data security could affect business operations and customers using the T-Reg platform. In particular, in the past, Mr. Wisutthichart Khemklad had encountered an attack from Ransomware – a dangerous encrypted virus, causing computer owners to lose access to data on the drive – causing financial damage and customer confidence. Therefore, Ragnar’s representative believes this is definitely a reasonable and necessary investment in the current context.
“The quality of work, the professional coordination of the team of experts, the speed of processing, the technical support, the price – all are outstanding. We are looking forward to the next cooperation.” – Mr. Wisutthichart Khemklad, DevOps Engineer at Ragnar Corporation.
After discussing with CyStack representatives, Ragnar Corporation decided to choose Penetration Testing to assess security vulnerabilities of the T-Reg web application.
Penetration Testing is a solution in the Security Testing and Evaluation group provided by CyStack. The test execution process consists of 5 steps under strict inspection and supervision from Pentesters experts at CyStack to thoroughly eliminate errors in the Assessment Checklist.
From 07/06/2023 to 28/06/2023, CyStack provided the above solution to detect and evaluate the security vulnerabilities of the T-Reg web application developed by Ragnar Corporation. The goal is to identify security weaknesses, determine the level of impact on the project, make remedial recommendations, and record all findings to minimize possible risks on the system.
“After this collaboration, Ragnar has received a lot of things. A trusted certification from a reputable cybersecurity company, a more secure platform for users, trust from our customers and most importantly, our team of Developers has greatly added lots of new security knowledge .” – quote Mr. Wisutthichart Khemklad, DevOps Engineer at Ragnar Corporation.
CyStack has discovered several critical security vulnerabilities in the T-Reg web application, helping Ragnar promptly respond and stop threats before actual damage occurs. In addition, the T-Reg web application has received a security certificate from CyStack, in recognition of its active participation in the security assessment of the Ragnar Corporation.
“We will cooperate with you in the future, as soon as the T-Reg 2nd version web application released in Q3 2023 is updated.” – Ragnar Representative said.
Network attacks that cause system disruptions are not far away. Now, it can happen to any business in the world, because this is the object that hackers are always waiting for and ready to act as soon as they find exploitable vulnerabilities.
With a proactive search for enterprise security solutions, Ragnar Corporation has demonstrated its unsurpassed sense of data protection. As a result, what Ragnar Corporation received is well worth their efforts to raise cybersecurity awareness: A secure platform for users and trust from customers using the T-Reg application web.
Tìm hiểu thêm về cách Tập đoàn Ragnar đã chủ động ứng phó bảo vệ ứng dụng web T-Reg thông qua phương pháp Kiểm thử xâm nhập (Penetration Testing). Giới thiệu về Ragnar Corporation Co., Ltd Tập đoàn Ragnar là một start-up công nghệ thông tin có trụ sở đặt tại Bangkok, Thái Lan. Ragnar […]
Khám phá những thách thức bảo mật mà các công ty blockchain như Cellframe đã gặp phải và cách họ vượt qua chúng. Giới thiệu về Cellframe Cellframe network là một nền tảng thế open source thế hệ mới, có khả năng mở rộng để xây dựng và kết nối các Blockchain cũng như dịch vụ được […]
Exploring the security challenges blockchain companies like Cellframe have encountered and how they overcame them. About Cellframe Cellframe Network is a scalable, open-source, next-generation platform for building and bridging blockchains and services secured by post-quantum encryption. It offers an environment for enterprises and developers to build a vast array of products ranging from simple low-level […]