Cybersecurity & Testing for Security Solutions Provider
Stingrai Inc. pentested the application of a security solutions provider. The team reported the issues they found and gave recommendations on how to resolve them via their dashboard platform.
Client: DeepTrust — Aman Ibrahim, CEO, San Francisco, California
Industry: Technology
Timeline: May. 2025 - Jun. 2025
Rating: 5/5.0 (Quality: 5, Schedule: 5, Cost: 5)
The quality of Stingrai Inc.'s work was impressive.
Project Summary
Stingrai Inc. pentested the application of a security solutions provider. The team reported the issues they found and gave recommendations on how to resolve them via their dashboard platform.
The Challenge
- We needed to pentest our application as we were getting our SOC II Type II audit
The Approach
Stingrai Inc. pentested our application, reported the issues they found, and gave us recommendations on how to resolve them via their dashboard platform.
The Outcome
Stingrai Inc. identified multiple issues around authentication and sensitive data access, leaked keys, and potential opportunities for bad actors to use our platform to phish, social engineer, and DDoS our service. The team provided multiple recommendations to directly improve authentication and cover up edge cases. Some of the recommendations included removing hard-coded keys, rate limiting certain POST requests, implementing stricter server-side role and access validation, and adding more validation around user inputs for edge cases. We created tickets for our engineers to resolve the issues, and they were resolved within a month.
Project Management
Stingrai Inc.'s project management was great. The team delivered on time and responded well to our needs. We communicated via Slack.
What Was Most Impressive
The quality of Stingrai Inc.'s work was impressive.
Verified by Clutch. View more at stingrai.io/case-studies