Security Review and Testing

Customer: Security Review and Testing – Ravensdown
Industry: Agriculture
Services: Application and Mobile Security Assurance Testing

Download success story

Challenges

Security review
Web application testing
Mobile application testing

Outcome

Independent security review and assurance testing
Detailed report on findings and recommendations for remediation
Regression testing to verify the remediations made

Ravensdown

Founded in 1978, Ravensdown’s mission is ‘smarter farming for a better New Zealand’. Helping farmers reduce environmental impact and optimise value from the land through quality products, expertise and innovative technology.

Whether it is food grown for livestock or for human consumption, Ravensdown is an integral part of the food creation process. It is the only co-operative that tests for, advises about, buys, ships, stores, spreads, measures and maps foodcreating nutrients and fertiliser in a truly integrated way.

The challenge

Ravensdown have been steadily increasing the scale and breadth of their security program, commensurate with the increasing risks they face from cyber security threats.

As part of their security program and supporting practices, they undertake security assessments and penetration tests across critical business systems.

Prior to engaging with CyberCX, Ravensdown had kicked off several significant technology programs that involved sufficient changes to their system architecture to warrant a fresh look at their security exposure.

The solution

CyberCX was engaged to perform a security review and assurance testing to identify any vulnerabilities within Ravensdown’s cloud ERP deployment and to ensure its ability to integrate with a newly built cloud Data Lake and Data Warehouse solutions.

The security review

was carried out against Ravendown’s ERP solution for managing core financials, sales and ordering, supply chain management and asset management, to ensure secure access for public cloud deployment

Application penetration testingApplication penetration testing

was needed for authenticated user access via both web and mobile interfaces

A detailed executive report and technical report were provided with findings and recommendations to Ravensdown.

Executive Report

A high-level overview of the testing results aimed at executives and project management

Technical Report

A more detailed view of the results of the testing, including technical recommendations to resolve uncovered issues. This is aimed at technical staff charged with any remediation work

CyberCX’s security review, testing and comprehensive security reports, prioritising actionable recommendations, are designed to help organisations:

Harden digital assets

against malicious attacks

Validate security measures

and processes against industry best practices

Reduce time and costs

associated with managing false positives from automated scans

Gain independent

verification of systems and configurations

The outcome

By collaborating with CyberCX, Ravensdown was able to verify their security posture through independent review and testing, conducted by a team of highly qualified security consultants.

This has also resulted

in regression testing following Ravensdown’s remediations

Testing was also conducted

against the Data Warehouse solution

Having security assurance testing conducted, followed by remediation, further demonstrates Ravensdown’s commitment to ensuring they have the necessary processes in place to maintain systems integrity.

“CyberCX appealed to us because it offered an end-toend service from scoping, review and assessment, through to reporting and any required follow up. As a very busy internal technology team, we need partners who can listen to our needs and move independently as much as possible”

Scott Whitfield
Chief Technology Officer