Ukrainian company FS Group conducted vulnerability scanning and penetration testing of the mobile application of online government services “Дiя 2.0”, the company’s press service said on Tuesday. “Providing online access to electronic services, the project is critical for the state. Penetration testing is an important step that ensures the systematic and uninterrupted operation of electronic services. ”, – quotes the press service of the technical director of FS Group Andriy Sharonov was quoted as saying
The company notes that during the pentest, Group FS specialists check all nodes of the company’s information system, on which the normal functioning of the business depends, in search of vulnerabilities that may allow unauthorized access to data or disable the system. In this case, each step is documented, and all vulnerabilities found are included in the report
Testing of the program “Action 2.0” was performed using the gray-box method. This method is analyzed on the basis of known data, experts design more complex testing scenarios, pentesters work with the developer, which allows you to initially remove excess test cases. This helps reduce functional and non-functional testing and improves the overall quality of the product, as well as giving the developer enough time to correct defects, the company explains
In addition, FS Group emphasizes that regular penetration testing ensures the smooth operation of electronic services and helps prevent data leakage
The project partners in the pilot tests are the Ministry of Digital Transformation and the Ministry of Development of Communities and Territories of Ukraine
Testing is conducted within the project “Readiness for cybersecurity in public authorities of Ukraine”. The project is funded by the Estonian Development Cooperation Fund and the US Embassy in Ukraine.