CASE STUDIES

Industry:

IT & Telecom

Company

Network Intelligence

Location:

New York, New York State, United States

Company Size:

501-1000 Employees

Product:

Netsparker Enterprise

ISO 27001 Certified PCI DSS QSA Detects Vulnerabilities and Security Flaws with Netsparker

About 4 years ago, my team brought Netsparker to my attention and we took it for a spin during a real live penetration test. It did outperform the other established tools we were using in terms of ease of use and also web application vulnerabilities detection rate. It was a breath of fresh air. We found it to be a light, fast and reliable tool with hassle free licensing. - K. K. Mookhey, Network Intelligence's Founder & Director

Network Intelligence is an ISO 27001 certified PCI DSS QSA, and a well-established provider of information security services and products. Established in 2001, Network Intelligence has a strong reputation of providing top notch information security consultancy, 24/7 security monitoring, and product implementation services to industry leaders both in the Asia-Pacific region as well as other parts of the globe. Their client list includes companies across several different verticals such as banking and financial services, software services, pharmaceutical, telecom, and manufacturing, e-commerce, and government departments.

The Responsibilities of Web Application Security Services

Network Intelligence's primary source of income and forte are web application security services.

They do penetration tests and identify vulnerabilities and security flaws in their customers' websites and web applications. Such a job has a huge responsibility: they cannot afford to miss one single vulnerability, because if a customer's website is hacked, the repercussions can have a catastrophic effect on their business.

Keeping Up with the Demand Whilst Delivering Top Quality Services

Even though Network Intelligence always did a meticulous job and left no stone unturned when doing a penetration test, they could not afford to not automate some of their processes, especially if they wanted to offer a competitive price and keep up with the demand. Therefore, in their early stages, and for a good number of years, they used automated web security tools; although they encountered several problems which they continuously tried to address.

Most of the security tools they tried were cryptic and difficult to use. Some had a better vulnerability detection rate than the others, but none of them really did the job properly, not to mention that most of them reported false positives. Hence, their concern was that they were spending more time working on the configuration of the tools and verifying their results rather than doing the job and providing the customer with an affordable web application security service and an accurate report.

Solving the Web Application Security Problem

The requirement that Network Intelligence had when it comes to web application security scanning and services was very simple: to identify all web application vulnerabilities and security flaws.

Throughout the years we used a number of automated security tools, but we were never really satisfied with their overall performance, hence as soon as we knew about a new automated web application security scanner we wanted to test it to see if it could perform better than the tools we were already using.

About four years ago, my team brought Netsparker to my attention and we took it for a spin during a real live penetration test.  It did outperform the other established tools we were using in terms of ease of use and also web application vulnerabilities detection rate. It was a breath of fresh air. We found it to be a light, fast and reliable tool with hassle free licensing. - K. K. Mookhey, Network Intelligence's Founder & Director

Growing With Netsparker Web Application Security Scanner

Network Intelligence has been using Netsparker for over four years in conjunction with another tool or two, but most of the other automated tools have been discarded because Netsparker was the perfect match. - K. K. Mookhey, Network Intelligence's Founder & Director

Network Intelligence scans thousands of websites and custom-built web applications each year and can only keep up with the demand to detect all technical web application vulnerabilities and security flaws thanks to Netsparker's automation.

The exploitation engine is a very handy tool. We use it to validate the issues there and then, and to also show the customers the impact a vulnerability can have, without the need of setting up a simulation in a lab. - Taufiq Ali, Manager (Security Assessment) at Network Intelligence

Supporting a Variety of Web Servers and Frameworks

The web application industry is a very dynamic one; there is a wide variety of web server software to choose from and a much wider choice when it comes to web frameworks and development languages. And the list keeps on growing every few years, if not months!

Hence, with such a wide variety of customers from different verticals, Network Intelligence encounters them all; Apache, NginX, IIS, Tomcat, JAVA, PHP, .NET, JSF and many others.

This was another deciding factor for them when choosing an automated tool. Could Netsparker scan all these different web applications built with different frameworks and running on a variety of web servers? The answer is a solid YES.  Proof of it is that Network Intelligence has been using Netsparker for over four years now.

Having a Web Application Security Expert to Rely On

As most professionals know, having good software means nothing without good support, especially in the web security industry. Things can get quite complicated and you do not want to end up with your back against the wall while working on a critical penetration test.

First-rate support is another reason why Network Intelligence stuck to Netsparker.

The support from Ferruh and his team has always been positive. The responses are almost prompt and always appropriate. - K. K. Mookhey, Network Intelligence's Founder & Director

About NII Consulting

Network Intelligence is an ISO 27001 certified PCI DSS QSA, well-established provider of information security services and products from India. Incorporated in July 2001, we have established a reputation of providing top notch information security consultancy to industry leaders both in the Asia-Pacific region as well as other parts of the globe. Our client list includes companies across verticals such as banking and financial services, software services, pharmaceutical, telecom, manufacturing, e-commerce, and government departments. Our consultants possess the requisite industry certifications, but more importantly they are equipped with a wide range of skills covering different technologies and environments.

RPM

“Netsparker are not just another vendor from where we purchase any other software, they are like business partners. We have to trust their products do a good job to ensure the security of our cloud-based platforms, else our business’ reputation could on the line. And Netsparker have earned such trust.”

Read the RPM
Case Study
ING Bank Logo

"As opposed to other web application scanners we used, Netsparker is very easy to use and does not require a lot of configuring. An out of the box installation of Netsparker Web Application Security Scanner can detect more vulnerabilities than any other web application..."

Read the ING
Case Study
Sumeru

“We like Netsparker not only because it is able to be configured quickly, but also the scans themselves are completed quickly, reliably and without false positives (a large timesaver in and of itself).”

Read the Sumeru
Case Study

Turn your security process into a success story

Get a demo

Netsparker Ltd
220 Industrial Blvd Ste 102
Austin, TX 78745

© Netsparker 2021, by Invicti

RESOURCES

USE CASES

WEB SECURITY

COMPANY

© Netsparker 2021, by Invicti

Subscription Services Agreement Data Protection Policy Information Security Policy Privacy Policy Sitemap