experience the next
 
Company  > Pressroom  > News

AxxonSoft products successfully pass independent cyber security tests

12/03/2018

A1QA, an independent software QA and testing provider, has finished testing the Axxon Next video management system and its proprietary AxxonNet cloud service for security susceptibilities. The tests have shown no critical or blocking vulnerabilities.

According to research by Kaspersky Lab, in 2017, nearly one-third of private and corporate users were subject to cyber attacks. In response to the growing intensity and scope of cyber threats, AxxonSoft places its software's security among its top priorities.

A1QA is among the world's top 20 software QA and testing services. The company's client list includes major international companies such as Acronis, Kaspersky Lab, Turkcell and SAP. A1QA's experts performed a security assessment of the Axxon Next VMS 4.1 server and client, and the AxxonNet cloud service. Axxon Next 4.2 software was also tested against brute force attacks.

A dedicated team of A1QA specialists tested AxxonSoft's systems by simulating external and internal attacks. The following tools were applied for the vulnerability scan:

  • Wireshark network protocol analyzer,
  • Burp Suite Pro web vulnerability scanner,
  • dotPeek decompiler,
  • Nmap security scanner, port scanner and network exploration tool,
  • Dirsearch brute force tool.

More than a hundred tests were performed, including:

  • penetration testing;
  • network traffic and session assignment analysis;
  • tests on: error handling, application business logic, cryptography, network infrastructure configuration, client-side vulnerabilities;
  • a search for easily accessible administration panels and known extension file leaks;
  • collection of information on the technology stack: data breach check with search engines, web server detection, a search for metadata containing confidential information on server, a check for data breaches in the webpage's code.

The assessment discovered no critical or blocking vulnerabilities in Axxon Next and AxxonNet software.

AxxonSoft is strategically oriented to minimize user risks and proactively prevent new cyber threats. Such assessments ensure the security of our users and their data on each of AxxonSoft's platforms. They also help introduce new cyber security functions and updates into our products.


Additional useful information