Remediation Relief for Sensitive Financial Data
Trust & Will is on a mission to help every family to leave their legacy with a fast, easy, and secure way to create, manage, and distribute their estate plan online.
San Diego, California
Estate Planning/Financial Services
Series B $15M USD
51-200
Challenge
Trust & Will was interested in further hardening their security systems, getting more visibility into their overall risk management, and levelling up their security posture with comprehensive penetration testing as their team and product suite continues to evolve.
Trust & Will’s data protection strategy focuses not only on what data they store but also how it is leveraged, ensuring least privilege principle, role based access control and additional security best practices are in place to protect Personal Identifiable Information (PII).
Solution
Although Trust & Will had undergone previous penetration tests, the company was ready to engage with methodologies that matched the sophistication of their own security and data protection program.
The 6 weeks of grey box pentesting on all of their web applications and infrastructure enabled them to not only meet SOC 2 Type 2 and HIPAA requirements for compliance, but it also assures continued trust with their clients and partners.
Benefits
Working with a pentest partner who offers comprehensive pentesting tailored to the attack surface was the best way to confirm that Trust & Will’s data protection and security strategies were sound, despite how fast their team continues to deliver new functionality, insights and efficiencies to their clients and partners.
Results
Although Trust & Will’s application had many strong security controls in place, Software Secured was able to uncover new findings that were helpful in their pursuit to continuously advance their security posture. Software Secured made this an efficient process for the development team by providing recommended steps needed to eliminate, mitigate and delegate risk, supporting this goal. As a result, Trust & Will felt peace of mind knowing they had an effective partner to identify and remediate risk at this growth stage.
We were looking for a vendor who would be a true partner, capable of adapting to our changing needs and schedule. This collaborative planning and execution of our pentesting provided flexibility and a strong foundation for a long-term relationship. One of my favourite things about working with Software Secured was that they heard what we needed and delivered. The thoroughness of our assessment went beyond what we experienced with past vendors. "
Michael Jones,
VP of Engineering at Trust & Will
Here to get you started
15 Risks & Rewards of Pentesting in a Production Environment
No testing strategy is one-size-fits-all. Pentesting in a production environment can provide advantages, though it does come with many risks.
The State of Penetration Testing as a Service- 2022 Edition
Say goodbye to 300+ page penetration test reports
Providing the quality of the biggest names in security without the price tag and complications.
Manual penetration testing
Full time Canadian hackers
Remediation support
