The Challenge
Eclipse® Corporation provides a full range of customer communications software for automating the production of enterprise-class
e-forms, documents and labels. Although they had not experienced any malicious activity, they suspected there could be unknown vulnerabilities, as there are with any corporate network. The AMATAS Vice President of Business Development reached out to Eclipse’s CTO – Alex Riess, and suggested running penetration testing as a preemptive measure.
The Solution
AMATAS first held a discovery call with Eclipse and decided to run tests against Eclipse’s corporate VPN, and worked with them to set up user profiles. AMATAS executed a series of tests against Eclipse’s corporate environment, including selected addresses within Eclipse’s public-facing infrastructure and the internal network. The goal was to provide insight from the perspective of a malicious attacker, to identify and validate any vulnerabilities, and to assess the impact on the tested environment. During the penetration testing AMATAS uncovered several critical vulnerabilities that, if left unaddressed, could potentially open the door for a cyber attack
The approach AMATAS took was extremely thorough. They really went down to the nitty-gritty and inspected everything on our network, from devices to the services and tools we use, to our own VPN. They went beyond what I expected and pointed out critical weaknesses that, if we hadn’t known about them, could have left us vulnerable to an attack.
Alex Riess, CTO, Eclipse
The Result
Following the penetration testing, AMATAS provided Eclipse with a full report of the results, then followed up with technicians from Eclipse’s IT team to review the findings, one issue at a time. According to Riess, the report was easy to understand and provided substantial insights.
With all found vulnerabilities now fixed, Eclipse can have peace of mind that its IT infrastructure is secure and protected against potential cyber
threats.
The testing process was completely transparent to us and did not impact our environment in any way. If we hadn’t looked at the logs, we wouldn’t have even known they’d done the work.
Riess Alex, CTO at Eclipse