SUCCESS STORIES

TruSec engages with companies all over the world in a variety of industries and verticals. Below are a few of our success stories (redacted for privacy).

 
   

SUCCESS STORIES

TruSec engages with companies all over the world in a variety of industries and verticals. Below are a few of our success stories (redacted for privacy).

 

Become Part of Our Success Stories, not Headline News!

 

Physical Security


For a $65 Billion asset, multi-state, financial institution, we identified weaknesses in staff adherence to physical and logical security policies that resulted in the compromise of 55% of target facilities including the compromise of both physical and electronic documents that contained non-public financial information. The client has now benefited from this knowledge and implemented a plan to mitigate these risks.

     
   
 

Web Application
Security Assessment


For an international online retailer, we highlighted vulnerabilities in the production Web Application that allowed access to archived invoices and order details. It was discovered that these vulnerabilities were persistent in the system for over 3 years. Despite the fact that the client had several security assessments performed against the application by both internal and external penetration testers, ultimately it was TruSec who discovered the vulnerability–before a malicious attacker could exploit it.

 
 

By means of Web Application Security Assessments, our assessors helped a nationwide property-casualty insurance company identify critical software vulnerabilities that a malicious user could have exploited to gain access to sensitive information from unauthorized parties, including financial performance and private policyholder information.

   
   
 

Penetration Testing


TruSec assessors unearthed technical vulnerabilities for a world-renowned hotel/resort that allowed compromise of its internal network Enterprise-level administrative account (despite the implementation of multiple preventive controls such as network admission control (NAC), firewalls, intrusion prevention systems and 3rd-party security log monitoring). With TruSec’s help, the client quickly mitigated the vulnerabilities within an hour (the same length of time it took to penetrate the network).

 

Through the use of Penetration Testing, Social Engineering and Facility Breach exercises, TruSec has uncovered weaknesses in data protection practices and the security awareness training program implemented at many corporations across the globe. Our actionable reports and risk-prioritized remediation checklists have empowered our clients to quickly implement practical and effective risk mitigation strategies.

     
   
 

Sensitive Data Discovery


Using our Sensitive Data Discovery services, a leading upper-education State college was able to meet its regulatory compliance requirement of identifying sensitive data across all data networks. Our service provided the client with a cost-effective solution to identify its critical information assets and determine the appropriate security measures to protect the privacy of those assets.

     
   
 

IT Audits


A SOX 404 self-audit of core AS400-based applications, performed for an American multinational car manufacturer, was completed on time, within budget and without any exceptions upon review by the pertinent BIG-4 auditing firm. The success was attributed in part to the guidance provided to the client by the TruSec auditor. In addition, 50% of the audited applications had not been previously audited.

     
   
 

Training


TruSec has provided Information Security Awareness Training and Seminars to the staff, Executives and Board Members of multiple clients across the US, Canada and Latin America. Our clients have attributed the increased levels of security awareness and corporate governance support to the effectiveness of our Information Security Training.