PROJECTS We work with a number of industries to ensure that your applications are protected.

Health Insurance Provider Case Study

nVisium performed a comprehensive review and ongoing application security initiative for a major health insurance provider. The goal of this engagement was to help close existing security flaws while identifying issues earlier in newly developed code.

Due to the sensitivity of data held for millions of users, it was essential to ensure that personally identifiable information (PII) was protected at every layer of the infrastructure. As critical security issues were identified, nVisium worked directly with developers and architects to build security fixes, test the fixes, and implement them in production.

Over a three-year period, nVisium helped the insurance provider reduce their risk profile significantly and the organization's primary consumer facing product has demonstrated a gradual and significant reduction in risk.This demonstrates the effectiveness of nVisium's holistic approach and solution-centric methodology.

Software Solutions Provider Case Study

nVisium performed a comprehensive review of a complex web application for a major software and solutions provider. The goal of this engagement was to identify security issues in a legacy application that had never undergone a full security assessment.

Due to the stringent access control requirements, it was essential to ensure that privilege escalation was prevented throughout the large and complex codebase, and that protection from SQL Injection attacks were built-in. As critical security issues were identified, nVisium recommended fixes directly to their developers.

nVisium then performed remediation validation of all fixes to confirm the correctness, and that more vulnerabilities were not introduced to the codebase. This demonstrates the effectiveness of nVisium's approach to following up with clients and making sure they have appropriately fixed any issues uncovered during an assessment.

financial services Case Study

nVisium worked with a payment and risk protection organization to help them develop an inter-bank payments system on both web and mobile platforms. nVisium analyzed the system to help build security controls that reduce the likelihood of PII and payment exposure across the platform.

nVisium joined the project at the start, performing a security architecture review, working with the development teams to review each code release, and providing remediation instruction on any security vulnerabilities discovered.

Real-time, agile security partnership resulted in a faster release of a secure product and the nVisium team provided ongoing support and guidance to ensure the findings and fixes were well understood and architected securely from client to backend.

Payment Solutions Provider Case Study

nVisium engaged with a financial institution to assess a mobile payment solution and build additional security capabilities into the platform. The product is used by vendors and merchants at the Point of Sale, and integrates with additional banking and loyalty products.

Upon completion of the initial assessment, nVisium analyzed the results to help build security controls to reduce the scope of PII and payment exposure across the platform. As the mobile development team integrated the solution, nVisium's team provided ongoing support and guidance to ensure the findings and fixes were well understood and architected securely from client to backend.

National Insurance Provider

nVisium assessed multiple third party home monitoring solutions on behalf of a national insurance provider prior to its investment and partnership. In order to make sure the devices met the company's security requirements, we utilized our expertise in IoT security and examined the web APIs, mobile applications, controllers, hardware sensors and more.

Upon completion, nVisium provided the company with an overall assessment of the third party solutions' security postures. We were able to identify and describe the identified security issues, which included back doors, lack of authentication, authorization issues, weak encryption, and weak API settings. The company was able to take the information provided and make a decision based on our results. The assessments also helped the third parties strengthen and secure their software and products.

We work with a number of industries to ensure that your applications are protected, including:

  • Automotive
  • Banking & Financial Services
  • Education & Training
  • Entertainment
  • Federal
  • Healthcare
  • Retail
  • Telecom
  • Travel & Hospitality
  • Utilities
Contact us Today
Amazon Web Services .NET Java Android iOS golang nodejs Python Ruby on Rails