05 Security issue of No-code Solutions? We Solved This Way!

SyncTree allows you to quickly and easily build a highly secure backend with Nocode.

Security is important in all industries, but it is especially sensitive in the financial sector.

One minor mistake can not only leak customer information but also cause damage to valuable assets.

SyncTree allows you to quickly and easily build a highly secure backend with Nocode.

Thanks to this, large domestic financial companies such as KB Kookmin Bank, KB Securities, National Nonghyup Bank, and Heungkuk Fire & Marine Insurance, and, of course, even global insurance companies such as AIG, AIA, and ABL are developing and managing their backends with SyncTree.

Although,

The degree and necessity of security required varies from company to company.

Accordingly, we discovered potential security issues and resolved them as follows so that more companies can use SyncTree more safely!

Key Upgrade Details

Upgrade 1 - App Scan

Outline

Upgraded security issues that require supplementation in app scans for a total of 4 services: Studio, API Portal Admin/User, and Runtime

Details

• SSL Chiper Suites related pass

• Non-existent domain link pass

• Insecure or incorrect cookie pass.

• Invalid account lockout issue pass

• Address other security issues

Upgrade 2 - Penetration Testing

Outline

Studio, API Portal Admin/User Upgraded mock hacking supplements for a total of 3 services

Details

• Passes all various security vulnerabilities such as account-related authentication login

• Pass everything, including encrypted storage of important information

• Custom page error handling for error pages while in use.

• Address other security issues

Upgrade 3 - Infrastructure Security Assessment

​Outline

Upgrade of DB and infrastructure supplements

Details

1. DB

• Account permission setup pass

• Logging Management Pass

• Pass using default port

• Address other security issues

2. Infrastructure

• Administrative directory permissions set pass.

• Configuration file permission settings pass

• Pass log format settings

• Log storage cycle pass

• Pass settings for comprehensive handling of error codes

• Address other security issues

Backend development & operation, solve it more safely and simply with SyncTree!

Keywords
Related Posts
NEWS

[NEW] SyncTree Block Store: Visible Backend!

Experience boundless scalability with seamless service connectivity!
April 21, 2023
NEWS

SyncTree NEW Official Website

If you are curious about how far you can develop with SyncTree,Come and visit our newly renovated website!
June 20, 2023
TECH

01 OpenAI Block - Use ChatGPT4와 Dalle3 in My Service

Easier way to put ChatGPT 4, Dalle 3 in your service!
March 12, 2024