Client Background

Twala helps businesses to legally and securely sign, and manage tamper-proof documents online with its blockchain digital signature and ID verification services. Furthermore, their platform manages sensitive data and critical documents of businesses.

Twala is compliant with the Philippines' E-Commerce Act and Supreme Court's Rules on Electronic Evidence. They are also legally accepted in other jurisdictions such as the US, EU, ASEAN, and many more. However, to meet regulatory security requirements and fend off cyberattacks, Twala needed a security partner to go beyond the traditional penetration testing and provide a real-world simulation of threats.

Challenges

Twala had the following challenges about cybersecurity:

  • Make sure their platform is secure from all possible data breaches
  • Validate the security measures implemented against unauthorized logins
  • Make sure that identities in the Twala system cannot be taken over by malicious actors
  • Identify if there are sensitive data leakages in their platform
  • They had to engage with a cybersecurity firm that is certified by the Department of Information and Communications Technology (DICT) that is reasonably priced

Why Secuna

Twala Management realized that only qualified and experienced penetration testers could effectively test their platform, to identify security vulnerabilities, and verify if security measures are correctly implemented; before cybercriminals could exploit them.

Secuna has a reputable background and is known to help SMEs ensure that their assets are protected from potential security issues and data breaches with reasonable service rates.

Solutions Provided

Twala worked with Secuna in May 2021 to conduct Vulnerability Assessment & Penetration Testing (VAPT). Some of the service highlights provided during the engagement:

  • Thorough penetration testing of website app, mobile app, and API assets based on OWASP Web Security Testing Guide v4.1
  • Targeted penetration testing for blockchain digital signature and ID verification services
  • Agile and highly collaborative vulnerability remediation approach through Secuna’s secure platform
  • Unlimited retesting period to ensure fixes deployed were effective

Learn more about Secuna’s VAPT Methodology. Book a call with one of our cybersecurity experts today.

Results

After a month of extensive testing, this collaboration garnered the following results:

  • Twala Team fixed 47 security vulnerabilities identified by Secuna Penetration Testing team.
  • Secuna Penetration Testing team rated eight security vulnerabilities from High to Critical using CVSS 3.1, an industry-standard scoring system.
  • Detailed technical report with easy to follow steps to replicate each vulnerability.
"We had a superb experience working with Team Secuna. They are very attentive to details and highly collaborative. Apart from delivering the business side of things, we loved how Paulo and AJ were super hands on all the way through our engagement. Kudos guys!"
– Charlie, COO Twala

Ready to secure your platform?
Get in touch with one of our cybersecurity experts today.