October 7, 2021

Security Status Update

SecuraStock recently completed a year-long in-depth 3rd party penetration testing activities; in line with generally accepted Information Technology (IT) penetration testing standards and guidelines as stipulated in The Penetration Testing Execution Standard (PTES) and the OWASP Methodology.


The testing included Discovery, Enumeration, Vulnerability Scanning, Manual and Automated Testing, and Exploitation of any identified vulnerabilities.  The testing included Passive Reconnaissance, Active Reconnaissance, Crawling, Configuration and deployment management testing, Identity management testing, Authentication testing, Authorization testing, Session management testing, Input validation testing, Testing for error handling, Testing for weak cryptography, Business logic testing, Client-side testing, Vulnerability scanning, and Exploitation (where possible).  The test results are available to share with existing customers.   In addition, we have also enhanced and automated many our internal software development processes to add self-tests for known issues , the list of which is being constantly updated.


SecuraStock maintains to this day 100% perfect non-penetration or infiltration record, which allows our equipment to remain inside even the most demanding customers’ physical and electronic walls, customer such as Nuclear Power Plant Facilities.