Omni:us – Penetration Testing for the ISO audit

How the Alice&Bob.Company supported Omni:us with clear methodology and insights in their security posture

Software & Internet

CHALLENGE

Omni:us is leading provider of AI-powered end-2-end insurance claim automation. The omni:us Digital Claims Adjuster (DCA) enables seamlessly integrated E2E claims automation within legacy applications and existing insurance core systems, such as Guidewire, Sapiens & SAP – enabling faster and better insurance claims decisions while reducing cost and increasing customer satisfaction.

Due to the software integration into existing systems and business-critical decisions, it is necessary to ensure the highest security standards. Omni:us therefore contracted the Alice&Bob.Company, the Berlin provider of public cloud security solutions, to conduct a penetration test, to identify potential security vulnerabilities.

solution

In Penetration Testing, Alice&Bob.Company’s cloud security specialists test a software’s ability to withstand various attack vectors. Using a methodology based on the OWASP Web Security Testing Guide, A&B penetration testers run de -weaponized attacks against the target platform, identifying both yet unknown and previously reported vulnerabilities, including OWASP Top 10. Findings are reported including recommendations on mitigation and remediation strategies to take.

RESULT

Over the period of two weeks, multiple components of the omni:us Digital Claims Adjuster were tested for OWASP Top 10 vulnerabilities. As a result of this penetration test, neither high or critical vulnerabilities were identified – a rare and positive outcome. All other outcomes were identified and documented to enable the customer to apply remediations and mitigations.

Working with public cloud security solution provider Alice&Bob.Company came as a logical choice. It was a pleasurable & highly professional experience in which we received quick results of thorough testing, which proves that our comprehensive secure development processes do pay off. The provided tests and results are – besides our existing ISO 27001:2013 – a markable milestones to reach ISO27017 and ISO27018 (Cloud Security and Privacy) certifications to extend our footprint in the industry. We are looking forward to continuing our cooperation with Alice&Bob.Company in the process of reaching our additional ISO certification goals.

Martin Micko, COO & Founder

RELATED SERVICES

SECURITY CONSULTING

We’ve been the first AWS partner in DACH, focussing crystal clear on Cloud Security. We’re providing cloud security expert advice to C-level executives, management roles, product teams and engineers. We integrate and enable.

WELL ARCHITECTED REVIEW

Architectural assessment based upon AWS Well Architected Framework to build the most secure, high performing, resilient and efficient infrastructure possible for your application.