AxxonSoft products successfully pass independent cyber security tests
A1QA, an independent software QA and testing provider, has finished testing the Axxon Next video management system and its proprietary AxxonNet cloud service for security susceptibilities. The tests have shown no critical or blocking vulnerabilities.
A1QA is among the world's top 20 software QA and testing services. The company's client list includes major international companies such as Acronis, Turkcell and SAP. A1QA's experts performed a security assessment of the Axxon Next VMS 4.1 server and client, and the AxxonNet cloud service. Axxon Next 4.2 software was also tested against brute force attacks.
A dedicated team of A1QA specialists tested AxxonSoft's systems by simulating external and internal attacks. The following tools were applied for the vulnerability scan:
- Wireshark network protocol analyzer,
- Burp Suite Pro web vulnerability scanner,
- dotPeek decompiler,
- Nmap security scanner, port scanner and network exploration tool,
- Dirsearch brute force tool.
More than a hundred tests were performed, including:
- penetration testing;
- network traffic and session assignment analysis;
- tests on: error handling, application business logic, cryptography, network infrastructure configuration, client-side vulnerabilities;
- a search for easily accessible administration panels and known extension file leaks;
- collection of information on the technology stack: data breach check with search engines, web server detection, a search for metadata containing confidential information on server, a check for data breaches in the webpage's code.
The assessment discovered no critical or blocking vulnerabilities in Axxon Next and AxxonNet software.
AxxonSoft is strategically oriented to minimize user risks and proactively prevent new cyber threats. Such assessments ensure the security of our users and their data on each of AxxonSoft's platforms. They also help introduce new cyber security functions and updates into our products.