Fraudline is a mid-sized international company delivering solutions for ethical governance, compliance, and corporate security. Its products support whistleblowing processes in line with EU requirements.
Operating in regulated industries, the company adheres to standards such as GDPR, ISO 27001, ISO 37001, and EU Directive 2019/1937, making web platform security a top priority.
For Fraudline, we conducted an automated gray-box penetration test. We used OWASP ZAP and Nessus, and to bypass non-standard authentication via HTTP headers, we developed and applied a custom Burp Suite extension.
Following the automated testing, the Datami team had additional time available — so we went beyond the contractual scope and provided extra value to the client. We performed manual analysis of business logic, focusing on areas such as password changes and file uploads.
During the project, Datami performed automated security testing of the web platform and engineered a custom approach to handle non-standard client-side session management. In parallel, we conducted a review of secure development practices.
Additionally, after completing the automated scan, we performed manual business logic testing, focusing on password change functionality and file upload mechanisms.
Every
During the security testing of the Fraudline web platform, the Datami team identified 6 technical issues (5 low-severity vulnerabilities and 1 informational), primarily related to authorization logic and file upload functionality.
Based on the findings, we compiled a detailed report and provided Fraudline with actionable recommendations to enhance digital security:
Once the recommendations are implemented, a reduction in data leakage risk is expected. A retest is planned to confirm the effectiveness of the improvements.
As a result of the collaboration with Datami, Fraudline received a structured security report and a clear improvement plan.
The project goals were achieved on time — within 2 weeks, including additional work such as manual business logic analysis.
This case demonstrates that companies focused on ethical compliance and information security require regular security testing to maintain compliance with industry standards.
California-based company Ingram Micro, headquartered in Irvine, California, has reported the discovery of ransomware in its internal systems. The attackers caused a disruption in order processing.
Every year, companies are increasingly integrating automated tools into their cybersecurity processes. Automation is just one auxiliary tool that comes with both advantages and disadvantages that must be kept in mind.
The aviation industry is one of the most technologically advanced sectors, significantly influenced by digitalization. At the same time, this increases its vulnerability to cyber threats, which can have catastrophic consequences.