LTIMindtree Logo
logo_lnt_group_company
  • What we do
    • CAPABILITIES
    iRun
    • Application Management Services  
    • Cognitive Infrastructure Services
    • Cybersecurity
    iTransform
    • AI-led Engineering
    • Data and Analytics
    • Enterprise Applications
    • Interactive
    • Industry.NXT
    Business AI
    • BlueVerse
    PROPRIETARY OFFERINGS
    • GCC-as-a-Service
    • Unitrax
    • Voicing AI
  • Industries we serve
    • INDUSTRIES
    • Banking
    • Capital Markets
    • Communications, Media and Entertainment
    • Energy & Utilities
    • Healthcare
    • Hi-tech
    • Insurance
    • Life Sciences
    • Manufacturing
    • Retail and CPG
    • Travel, Transport and Hospitality
  • About us
    • ABOUT US
    • Company
    • Investors
    • Brand
    • Newsroom
    • Partners
    • Insights
    • Environment, Sustainability and Governance
    • Diversity, Equity and Inclusion
  • Careers
logo_lnt_group_company
Contact
  • What we do
    CAPABILITIES
    iRun
    • Application Management Services  
    • Cognitive Infrastructure Services
    • Cybersecurity
    iTransform
    • AI-led Engineering
    • Data and Analytics
    • Enterprise Applications
    • Interactive
    • Industry.NXT
    Business AI
    • BlueVerse
    PROPRIETARY OFFERINGS
    • GCC-as-a-Service
    • Unitrax
    • Voicing AI
  • Industries we serve
    INDUSTRIES
    • Banking
    • Capital Markets
    • Communications, Media and Entertainment
    • Energy & Utilities
    • Healthcare
    • Hi-tech
    • Insurance
    • Life Sciences
    • Manufacturing
    • Retail and CPG
    • Travel, Transport and Hospitality
  • About us
    ABOUT US
    • Company
    • Investors
    • Brand
    • Newsroom
    • Partners
    • Insights
    • Environment, Sustainability and Governance
    • Diversity, Equity and Inclusion
  • Careers
Contact
  1. LTIMindtree is now LTM | It’s time to Outcreate
  2. Insights
  3. Enhancing the customer experience by modernizing a leading North American bank's contact center

LTM Helps a Global Consumer Brand Secure Its Ecommerce Website through Infrastructure Security and DevSecOps

Sep 01, 2024

  • Client
  • Challenges
  • LTM Solution
  • Client
  • Challenges
  • LTM Solution

Client

One of the cornerstones of the digital economy is the ecommerce marketplace. The ecommerce market is slated to surpass $4.6 trillion globally and is the source of a rich and diversified database which can be used in all sectors to understand consumer preferences and patterns. When a global consumer conglomerate wanted to launch a revamped website for one of its brands, it had to make sure the data it handled was secure.

Challenge

The conglomerate had earlier faced security issues in one of its 20 odd acquired brands. Therefore, they understood the importance of implementing security from the early stages of website development. The website for the brand in case had APIs for retailers and connections to the parent company site. In an earlier instance, the company had uncovered malicious codes in the ecommerce page of its other brand, which led to the exposure of payment information.

Therefore, the company wanted to make sure that the same incident was not repeated. They needed a best-in-class website, API and WAF security measures

LTM Solution

LTM met withthe client and understood the requirement for an aggressive security plan that they wanted. The first order of business for LTM was tocheck for pre-existing flaws in the system that had caused a security breach for the other brand of the company. Based on the findings, LTM provided Hacking-as-a-Service and Managed Security Services to meet client security requirements.

Penetration testing was conducted to find any issues that couldposetobe future threats. The vulnerability assessment revealed the presence of misconfigurationsin the retailer side APIsand blindServerSide RequestForgery(SSRF) vulnerabilities.Thisposedathreat ofdataexploitation,notonlytothebrand,butalso totheparentcompanysite.

Over 10 critical vulnerabilities were found, which were patched to secure the data of the client as well as the financial transactions. The misconfigured APIs were fixed to avoid siphoning of data from the website. Next, LTM created a Continuous Implementation and Continuous Development(CI/CD) pipelineand secure coding rules to automate the security tests. Finallya check list and step-by-step guideline was created for the company tounder go future thre at mitigation.

slider image
Case Study
calendar June 3, 2024
Modernize Your Workloads on Snowflake with PolarSled
David Althoff
Chief Business Officer, Insurance

It’s time to Outcreate

Outcreate Your Business

  • Industries
  • iRun
  • iTransform
  • Business AI

Outcreate with LTM

  • Brand
  • Company
  • Careers
  • Locations

Outcreate Together

  • Investors
  • Newsroom
  • Partners
LTIMindtree Logo

It’s time to Outcreate

  • Industries
  • iRun
  • iTransform
  • Business AI
  • Brand
  • Company
  • Careers
  • Locations
  • Investors
  • Newsroom
  • Partners
LTIMindtree Logo
Accessibility Modern Slavery Statement Privacy Statement Responsible Disclosure Do not sell my personal information Sitemap

Stay connected for latest updates on LTIMindtree