Use Cases

Health Insurance

Health Insurance
Provider Case Study

nVisium performed a comprehensive review and ongoing application security initiative for a major health insurance provider. The goal of this engagement was to help close existing security flaws while identifying issues earlier in newly developed code.

Due to the sensitivity of data held for millions of users, it was essential to ensure that personally identifiable information (PII) was protected at every layer of the infrastructure. As critical security issues were identified, nVisium worked directly with developers and architects to build security fixes, test the fixes, and implement them in production.

Over a three-year period, nVisium helped the insurance provider reduce their risk profile significantly and the organization’s primary consumer facing product has demonstrated a gradual and significant reduction in risk.This demonstrates the …

Software Provider

Software Solutions
Provider Case Study

nVisium performed a comprehensive review of a complex web application for a major software and solutions provider. The goal of this engagement was to identify security issues in a legacy application that had never undergone a full security assessment.

Due to the stringent access control requirements, it was essential to ensure that privilege escalation was prevented throughout the large and complex codebase, and that protection from SQL Injection attacks were built-in. As critical security issues were identified, nVisium recommended fixes directly to their developers.

nVisium then performed remediation validation of all fixes to confirm the correctness, and that more vulnerabilities were not introduced to the codebase. This demonstrates the effectiveness of nVisium’s approach to following up with clients and making sure they have appropriately fixed any issues uncovered during the engagement.

Financial Services

Financial Services
Case Study

nVisium worked with a payment and risk protection organization to help them develop an inter-bank payments system on both web and mobile platforms. nVisium analyzed the system to help build security controls that reduce the likelihood of PII and payment exposure across the platform.

nVisium joined the project at the start, performing a security architecture review, working with the development teams to review each code release, and providing remediation instruction on any security vulnerabilities discovered.

Real-time, agile security partnership resulted in a faster release of a secure product and the nVisium team provided ongoing support and guidance to ensure the findings and fixes were well understood and architected securely from client to backend.

Payment Provider

Payment Solutions
Provider Case Study

nVisium engaged with a financial institution to assess a mobile payment solution and build additional security capabilities into the platform. The product is used by vendors and merchants at the Point of Sale, and integrates with additional banking and loyalty products.

Upon completion of the initial assessment, nVisium analyzed the results to help build security controls to reduce the scope of PII and payment exposure across the platform. As the mobile development team integrated the solution, nVisium’s team provided ongoing support and guidance to ensure the findings and fixes were well understood and architected securely from client to backend.

Insurance

National Insurance
Provider Case Study

nVisium assessed multiple third party home monitoring solutions on behalf of a national insurance provider prior to its investment and partnership. In order to make sure the devices met the company’s security requirements, we utilized our expertise in IoT security and examined the web APIs, mobile applications, controllers, hardware sensors and more.

Upon completion, nVisium provided the company with an overall assessment of the third party solutions’ security postures. We were able to identify and describe the identified security issues, which included back doors, lack of authentication, authorization issues, weak encryption, and weak API settings. The company was able to take the information provided and make a decision based on our results. The assessments also helped the third parties strengthen and secure their software and products.

Spanning All Industries

Industries Served

We work with a number of industries to ensure that your applications are protected, including:

Automotive

Education & Academia

Federal Government

Retail

Banking & Financial Services

Entertainment

Healthcare

Telecom

As an application Security Provider We Understand

We understand that risk mitigation extends beyond periodic assessments, training, and code remediation. nVisium has the capabilities to assist your team in implementing strategies, technology, and policies that align with your organization and development methodologies.