Grow VC Group
  • Home
  • Group
  • Team
  • FAQ
  • Join Us
  • Trainee Program
  • Contact
  • News

Crowd Valley Platform Passes Bank-Grade Security Audit

6/25/2017

Comments

 
​Working with one its large retail bank customers, Crowd Valley (a Grow VC Group company) has successfully passed an enhanced, independent security audit undertaken by one of the world’s leading information security consulting firms. 
​
This third party verification confirms the stability and security for sophisticated users of the company’s products and services, and sets the platform up for even more institutional applications around the world. 
 
Nixu Corporation (www.nixu.com) is one of the world's leading security specialist companies and has been focused on information security since its foundation in 1988. Since then it has worked with numerous banks, telecommunications firms and governments around the world to help them address and improve their approach to cybersecurity.
 
Nixu carried out a project to assess the security of the Crowd Valley API and Back Office platforms, which was done by attacking the Crowd Valley API and the administrative applications from the point of view of a motivated attacker trying to obtain unauthorized access to Crowd Valley’s customers’ data and functionality. 
 
The API was tested for general compliance with the OWASP Application Security Verification Standard requirement categories: Authentication, Session Management, Access Control, Malicious Input Handling, Error Handling and Logging, Data Protection, Communications Security, HTTP Security, Business Logic, and File and Resource Validation.
 
Following the process Crowd Valley customers can now benefit from the following functional updates that have been implemented and are already available on sandbox and live environments:
 
  • Two-Factor Authentication for all Back Office Admin Users using the Google Authenticator application
  • Global User Password Rules that enforce a consistent password policy across all end-user applications
  • Automated restrictions on Admin Users who attempt to login with an incorrect password more than 5 times within a short time period
  • Implementation of a stricter Content Security Policy and additional Cross Site Request Forgery protections in the Back Office to prevent phishing or similar attacks that would leverage an Admin User’s existing permissions
 
For more information on how you can make the most of these security features in your own applications please get in touch with your primary Crowd Valley contact.
Picture
Comments

    About

    Est. 2009 Grow VC Group is building truly global digital businesses. The focus is especially on digitization, data and fintech services. We have very hands-on approach to build businesses and we always want to make them global, scale-up and have the real entrepreneurial spirit.​

    Read the latest Grow VC Group  FinTech, distributed and crypto finance, and blockchain report
    Read the AI, Asia and FinTech report - including comments about potential trade wars.
    Download

    Research Report 1/2018: Distributed Technologies - Changing Finance and the Internet 


    ​Research Report 1/2017: Machines, Asia And Fintech:
    Rise of Globalization and
    Protectionism as a
    Consequence


    Fintech Hybrid Finance Whitepaper

    ​Fintech And Digital Finance Insight & Vision Whitepaper


    Learn More About Our Companies:
    • Difitek
    • Prifina​
    • RE Bearing
    • Token Index Fund
    • Startup Commons
    • Lost in Translations
    • Robocorp
    • Nodi Liber​

    Archives

    January 2023
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    October 2020
    September 2020
    July 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    September 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016

    Categories

    All
    Difitek
    Grow VC Group
    Robocorp

    RSS Feed

Digital Intelligence Globally
Picture
© 2009-2023 Grow VC Operations Ltd. All Rights Reserved.
  • Home
  • Group
  • Team
  • FAQ
  • Join Us
  • Trainee Program
  • Contact
  • News