Case Studies

January 12, 2016

Hackers tricking UAE companies to make payments to foreign bank accounts – A real-world case study

This case study is in continuation to the press release published at: The entire incident was started with an email sent from a spoofed email address to the victim working in the accounts […]
August 24, 2015

SQL Injection All Over – Application Security Assessment for a Nodal Agency

Torrid Networks was recently engaged in web application security assessment for a top nodal agency processing highly classified information. Along with few common misconfigurations, some serious security issues were detected in the web application security […]
June 3, 2015

XPATH Injection, Telecom X-Factor – Application Security Case Study

During a recent engagement to audit an application for a large telecom provider, Torrid Networks’ expert application security team encountered few XPATH injections in the application. The application was though also observed to contain many […]
March 20, 2015

Investigating SPAM Issues – The unauthentic way!

Torrid Networks was recently engaged by a large software company to investigate the rising spam issues with their corporate mail server. Company had over 2500 mailboxes with a software based anti-spam solution. The same solution […]
January 28, 2015

Penetration Testing of Websense Content Filtering for Gurgaon, Delhi NCR, India based company

Torrid Networks was recently engaged by a Gurgaon, Delhi NCR, INDIA based company to conduct a comprehensive penetration testing of its content filtering infrastructure. Customer is using Websense content filtering product to filter the non-business […]
April 18, 2010

Malware Analysis Report for a targeted attack via word document carried out against few sensitive email accounts belonging to elite customer of Torrid

Customer is from govt. sector responsible for carrying out few sensitive tasks which makes them an obvious and prime target for cyber attacks. Recently, few prominent email accounts belonging to customer received a suspicious email […]
November 12, 2009

Information Security Audit For A BPO And Knowledge Management Company

The customer offers Information Technology, BPO and Knowledge services to its various clients. Several Blue chip organizations have chosen them as a strategic partner to manage key result oriented areas of Information Technology, due to […]
March 10, 2009

Application Security Assessment For A Global Financial Services Company

The customer is a global financial services company, headquartered in New York City is best known for its credit card, charge card, and traveler’s cheque businesses. Following an era of international expansion, the company became […]
October 26, 2008

Implementation of CA eTrust Access Control For Government of India

Customer is a prime department under Government of India and processes highly sensitive financial information across its datacenters distributed at different locations in India. The department is mainly responsible for matters relating to levy and […]
July 29, 2008

Code Review and Web Application Security Assessment For a US State Department

Our client manages the country’s basic infrastructure through a complex network and planned to automate the billing process for the services it provides. They invested heavily in an automation system consisting of small, low-power radio […]