In an era where digital security is paramount, Qarbon Technologies has taken a significant step forward. The company recently underwent a rigorous External Penetration Test, conducted by the renowned cybersecurity firm Third Wave Innovations.
Strengthening Digital Defenses
Qarbon Technologies, known for its groundbreaking and SaaS-based Data Center orchestration platform, LATTICE™, has always prioritized data security. In a proactive move, the company collaborated with Third Wave Innovations, a firm specializing in offensive security strategies, to conduct an extensive week-long security analysis from 10/12/2023 to 10/19/2023.
A Methodical Approach to Security
The penetration test was structured in four distinct phases:
- Discovery: Third Wave Innovations began with passive reconnaissance, employing open-source intelligence to understand Qarbon's digital footprint thoroughly.
- Enumeration: The team then engaged in active reconnaissance, including port scanning and service detection, to identify potential entry points into Qarbon’s systems.
- Vulnerability Mapping: This phase focused on detecting vulnerabilities in the identified services and applications, crucial for the next step.
- Exploitation: Finally, the team attempted to exploit these vulnerabilities to gauge the effectiveness of existing security measures.
Key Findings and Responsive Measures
The assessment revealed Qarbon Technologies’ commitment to a robust security framework. While specific details of the findings remain confidential, it was noted and verified by Third Wave that the Qarbon engineering team had successfully implemented all suggested remedial steps. These efforts demonstrate the company's dedication to safeguarding its internal network and sensitive information and ensuring a fully secure platform for all its global customers.
Penetration (or pen testing) is a common compliance requirement and security control - mandated for NIST SP800-53 and PCI-DSS and recommended in ISO27001. Nonetheless, while achieving a successful pen test is very important, a continuous exercising of methodical pen testing is equally important as systems change constantly with new features added across platforms. So in order to keep systems comprehensively secure all the time, it is important to conduct monitoring and detection including regular pen test exercises. Qarbon Technologies is commited to a regular pen testing calendar as new features and products are released.
Expert Insights
Carter McKelvain, OSCP, Senior Offensive Security Engineer at Third Wave Innovations, remarked, “Qarbon Technologies has shown exemplary dedication to securing their digital environment. Our comprehensive assessment not only tested their defenses but also helped in fortifying their security posture against potential future threats.”
Looking Ahead
This initiative by Qarbon Technologies reflects a growing trend among industry leaders to proactively challenge and enhance their cybersecurity measures. It underscores the company's commitment to protecting its stakeholders’ data and maintaining trust in an increasingly digitised world. Qarbon is commited to following industry best practices in securing it’s platform for customers.
For more information about Qarbon Technologies and the groundbreaking LATTICE™ platform please visit https://www.qarbontech.io/products
For more information on Third Wave Innovations and their range of cybersecurity offerings please visit https://3rdwave.io/.
