Security is important in all industries, but it is especially sensitive in the financial sector.
One minor mistake can not only leak customer information but also cause damage to valuable assets.
SyncTree allows you to quickly and easily build a highly secure backend with Nocode.
Thanks to this, large domestic financial companies such as KB Kookmin Bank, KB Securities, National Nonghyup Bank, and Heungkuk Fire & Marine Insurance, and, of course, even global insurance companies such as AIG, AIA, and ABL are developing and managing their backends with SyncTree.
Although,
The degree and necessity of security required varies from company to company.
Accordingly, we discovered potential security issues and resolved them as follows so that more companies can use SyncTree more safely!
Outline
Upgraded security issues that require supplementation in app scans for a total of 4 services: Studio, API Portal Admin/User, and Runtime
Details
• SSL Chiper Suites related pass
• Non-existent domain link pass
• Insecure or incorrect cookie pass.
• Invalid account lockout issue pass
• Address other security issues
Outline
Studio, API Portal Admin/User Upgraded mock hacking supplements for a total of 3 services
Details
• Passes all various security vulnerabilities such as account-related authentication login
• Pass everything, including encrypted storage of important information
• Custom page error handling for error pages while in use.
• Address other security issues
Outline
Upgrade of DB and infrastructure supplements
Details
1. DB
• Account permission setup pass
• Logging Management Pass
• Pass using default port
• Address other security issues
2. Infrastructure
• Administrative directory permissions set pass.
• Configuration file permission settings pass
• Pass log format settings
• Log storage cycle pass
• Pass settings for comprehensive handling of error codes
• Address other security issues
Backend development & operation, solve it more safely and simply with SyncTree!
