(929) 590-5818 [email protected]
en
en

Docker Infrastructure Security Audit

Client:
HUSPI — a software development company for healthcare and financial organizations
Industry:
Software Development
Focus:
Protection of personal, medical, and corporate data within the company’s digital products
Main challenge:
Security assessment of servers in Docker containers to prevent unauthorized access and data leaks
Market:
Ukraine, Poland, Germany (international segment)
Services provided:
White-box pentest of servers, containers, and network
Key Takeaways
  • Strengthened container security posture
  • Reduced data leak risk by 80–90 percent
  • Identified 9 vulnerabilities, including 2 critical ones
  • Provided a detailed report with recommendations for strengthening the infrastructure
  • Critical vulnerabilities were eliminated within 24 hours of reporting
    • 24 hours
    to fix the vulnerability
    9
    vulnerabilities detected
    80–90%
    lower risk of data breaches
    Docker Infrastructure Security Audit
    Jan 17, 2025
    14 min
    Do Docker containers really guarantee isolation and security? The IT company HUSPI turned to Datami for a scheduled penetration test of its internal infrastructure. We performed white-box testing of Docker servers, identified critical vulnerabilities, and helped reduce the risk of data leaks by 80–90%.

    HUSPI is a mid-sized IT company registered in Poland that develops software for the healthcare, financial, and real estate sectors. Thousands of users work with its web platforms and APIs every day.

    HUSPI operates in regulated industries and complies with international security standards (including GDPR), making the protection of personal, medical, and corporate data critically important for the company.

    Objectives and challenges
    HUSPI initiated a scheduled security assessment due to the risks of unauthorized access to internal systems and potential data leaks from the containerized environment.

    The goal of the project was to identify vulnerabilities and test the security of the internal infrastructure to ensure compliance with international security standards, including GDPR and healthcare requirements.
    • Conduct a white-box penetration test of internal servers and containers (frontend and backend).
    • Assess the isolation of Docker environments and network interactions, including the risks of container breakout.
    • Identify vulnerabilities, assess risks, and prepare a detailed report with recommendations.
    icon
    Penetration testing
    White-box testing of frontend and backend containers
    icon
    Vulnerability detection
    Identification and analysis of risks within the internal infrastructure
    icon
    Reporting and recommendations
    Detailed report on threats and security improvements
    Datami methodology: HUSPI security assessment
    Our approach

    Datami assessed HUSPI’s internal infrastructure, including frontend and backend servers in Docker containers.

    The primary method used was a white-box penetration test: the team had access to technical information for the most in-depth analysis.

    We combined manual and automated testing methods, analyzed configurations, and examined inter-container interactions. SSH access enabled work in the live environment.

    Despite a limited budget, the team identified critical vulnerabilities and provided effective recommendations.

    White-box
    White-box
    The testing was carried out with full access to the internal infrastructure, allowing the team to simulate the most likely attack vectors and obtain an objective picture of the security posture.
    Main project stages and solutions

    During the project, Datami used specific scenarios to test Docker container isolation and adapted the workflow in response to access delays.

    Analysis of the key components of the container environment enabled the team to cover priority risk areas and respond promptly to client requests.

    • Preparation:
      Analysis and clarification of technical details, test planning, and identification of critical areas for assessment.
    • Penetration testing:
      White-box pentest of two Docker servers, combining manual and automated approaches to detect vulnerabilities in network interactions and container isolation.
    • Analysis and reporting:
      Preparation of a detailed report describing the identified risks, recommendations for remediation, and measures to improve security.
    Cybersecurity starts with action
    How we can help you?

    Every cybersecurity case study we solve involves deep analysis, tailored solutions, and measurable results.
    Datami has already helped over 600 companies strengthen their digital defenses — and we can do the same for your business.
    Ready to take action?

    Let’s start with a free consultation!
    Results and recommendations
    Results and recommendations

    At the start of the project, HUSPI’s internal infrastructure faced high risks: lack of container audits and weak network segmentation posed threats to sensitive data.

    During the white-box pentest, Datami discovered 9 vulnerabilities: 2 critical (including database access via inter-container communication), 3 medium, and 4 low.

    HUSPI received clear recommendations to strengthen cybersecurity:

    1. Regular audits of Docker configurations
    2. Restriction of inter-container access
    3. Implementation of a Zero Trust approach and updated logging

    After implementing the recommendations, the risk level was reduced to medium: the likelihood of data loss due to inter-container communication decreased by 80–90%, helping to avoid over $50,000 in potential financial losses.

    The project was completed in 2 weeks instead of the standard 3–4. Critical vulnerabilities were fixed by the client within 24 hours.

    Our certificates
    Key project outcomes

    With Datami’s help, HUSPI improved its cybersecurity in just 2 weeks: the company gained a clear picture of potential risks, received an actionable roadmap, and strengthened its GDPR compliance. All project objectives were achieved.

    This case proves that even companies specializing in complex digital solutions need regular penetration testing to avoid financial, legal, and reputational losses.

    Aspect
    Before the project
    After implementation
    Security status
    High risk due to lack of container audits
    Risk level reduced, 9 vulnerabilities found
    Critical vulnerabilities
    Possible unauthorized access to databases
    2 critical issues found, fixed within 24 hours
    Account compromise
    Potential due to network isolation issues
    Risk reduced after configuration improvements
    Security compliance
    Partial compliance with policies and GDPR
    Improved alignment with standards
    Timeline
    Typically 3–4 weeks
    Project completed in 2 weeks
    More success stories with Datami
    Browse other project case studies
    Preparing a smart contract for release on Web3

    Preparing a smart contract for release on Web3

    • The code was prepared for certification.
    • The project was secured against 99% of known threats.
    Services:
    Smart contract audit (White-box source code review)
    Sep 16, 2025
    Web3 Project Random Walk: Smart Contract Audit

    Web3 Project Random Walk: Smart Contract Audit

    • Secure launch on Polygon mainnet ensured within 5 days
    • Risk level reduced from medium to minimal
    Services:
    Smart contract audit (White-Box source code analysis)
    Sep 2, 2025
    Smart Contract Audit of a Web3 Company

    Smart Contract Audit of a Web3 Company

    • The product was prepared for a secure market launch.
    • The risk was reduced from high to minimal.
    Services:
    Smart contract audit (White-box source code analysis)
    Aug 20, 2025
    Back to all cases
    Security image
    Ready to assess your project's security?
    Contact Datami — we’ll help you identify risks, strengthen your cybersecurity, and confidently pass certification.
    Datami articles
    Microsoft enables email bombing protection Datami Newsroom
    Datami Newsroom

    Microsoft enables email bombing protection

    Microsoft announced a new update to Defender for Office 365 that automatically detects and blocks email bombing attacks. The rollout started in June, and most users will receive the feature by mid-July 2025.

    Sep 12, 2025 3 min
    Cloudflare Repelled a Record DDoS Attack of 11.5 Tbit/s Datami Newsroom
    Datami Newsroom

    Cloudflare Repelled a Record DDoS Attack of 11.5 Tbit/s

    Cloudflare reported that it stopped the most powerful UDP flood DDoS attack aimed at exhausting system resources. In 35 seconds, the attackers flooded the company with traffic at 11.5 Tbit/s.

    Sep 5, 2025 2 min
    The Myth of HTTPS Reliability: How Encryption Can Mislead Users Datami Newsroom
    Datami Newsroom

    The Myth of HTTPS Reliability: How Encryption Can Mislead Users

    Among internet users, a long-standing myth has taken hold: if a website has the HTTPS mark - that is, a padlock in the address bar and the letter S after “http” - it means the resource is safe and trustworthy. But in reality, the situation is much more co

    Sep 3, 2025 3 min
    Show all articles
    Order a free consultation
    By submitting this form, I confirm that I have read and agree to the Privacy policy
    We value your privacy
    We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies. Cookie policy