Atlanta, Georgia | July 31, 2019 – In partnership with Stonebranch, a leading provider of modern workload automation solutions, Secuvera performed a two-phase application-level penetration test on Stonebranch’s Universal Automation Center in 2019. The first phase, performed in January, was focused on the Universal Automation Center WEB-GUI and the REST API of the Universal Controller. The second phase in June was more focused on the Universal Agent Technology and the communication between Agents and the Universal Controller. While the first test scenario yielded some minor issues, the second phase of testing yielded no vulnerabilities, both in the case of the web application and the RESTful API and in terms of Agent to Controller communication.
Secuvera and Stonebranch have cooperated for many years to offer Stonebranch customers high quality and thorough penetration testing services on a regular basis. It is only appropriate, then, that Secuvera also periodically test the security and integrity of the Stonebranch software itself.
The goal of these tests was the identification of any technical vulnerabilities present in the web application and the communication between the Universal Agents and the Universal Controller. Initially, primary, automated testing was carried out. After analyzing the results of this initial testing phase, tests with more manual components were subsequently completed. Lastly, the results of these tests were compiled and matched with the OWASP (Open Web Application Security Project) framework.
While during the initial testing in January 2019 some smaller vulnerabilities were found and noted, the re-testing in June 2019, alongside with the Universal Agent communication testing, returned zero vulnerabilities in all tested areas.
Stonebranch was therefore granted a very high security level for the web services, GUI access to the Universal Controller, and for its Agent to Controller communication.
“We are extremely pleased with the results,” said Dr. Detlef Purschke, CCO of Stonebranch. “In today’s IT landscape, security is paramount. We strive to not only offer the secure software our customers expect, but to maintain that security, as well as the security of our customers’ environments. Secuvera continues to give us both the knowledge and experience to ensure that we can keep doing that.”
Secuvera has been an innovative IT security consultant since 1988. Secuvera BSI has been the recognized testing laboratory for "Trustworthy Systems" since 1992. Since January 2012, security consulting services can also be carried out against the background of independent certification. The BSI recognizes secuvera as a certified IT security service provider for IS-Revision. In September 2013, the additional recognition as a BSI-certified IT security service provider for penetration tests.
Stonebranch builds dynamic IT automation solutions that transform business IT environments from simple IT task automation into sophisticated, real-time business service automation, helping organizations achieve the highest possible Return on Automation. No matter the degree of automation, Stonebranch software is simple, modern and secure. Using its universal automation platform, enterprises can seamlessly orchestrate workloads and data across technology ecosystems and silos. Headquartered in Atlanta, Georgia with points of contact and support throughout the Americas, Europe, and Asia, Stonebranch serves some of the world's largest financial, manufacturing, healthcare, travel, transportation, energy, and technology institutions. Anchor [MW1]Is this a reference to AWS? It is hard to tell due to the capitalization