HUSPI is a mid-sized IT company registered in Poland that develops software for the healthcare, financial, and real estate sectors. Thousands of users work with its web platforms and APIs every day.
HUSPI operates in regulated industries and complies with international security standards (including GDPR), making the protection of personal, medical, and corporate data critically important for the company.
Datami assessed HUSPI’s internal infrastructure, including frontend and backend servers in Docker containers.
The primary method used was a white-box penetration test: the team had access to technical information for the most in-depth analysis.
We combined manual and automated testing methods, analyzed configurations, and examined inter-container interactions. SSH access enabled work in the live environment.
Despite a limited budget, the team identified critical vulnerabilities and provided effective recommendations.
During the project, Datami used specific scenarios to test Docker container isolation and adapted the workflow in response to access delays.
Analysis of the key components of the container environment enabled the team to cover priority risk areas and respond promptly to client requests.
Every
At the start of the project, HUSPI’s internal infrastructure faced high risks: lack of container audits and weak network segmentation posed threats to sensitive data.
During the white-box pentest, Datami discovered 9 vulnerabilities: 2 critical (including database access via inter-container communication), 3 medium, and 4 low.
HUSPI received clear recommendations to strengthen cybersecurity:
After implementing the recommendations, the risk level was reduced to medium: the likelihood of data loss due to inter-container communication decreased by 80–90%, helping to avoid over $50,000 in potential financial losses.
The project was completed in 2 weeks instead of the standard 3–4. Critical vulnerabilities were fixed by the client within 24 hours.
With Datami’s help, HUSPI improved its cybersecurity in just 2 weeks: the company gained a clear picture of potential risks, received an actionable roadmap, and strengthened its GDPR compliance. All project objectives were achieved.
This case proves that even companies specializing in complex digital solutions need regular penetration testing to avoid financial, legal, and reputational losses.
Metasploit is known for everyone interested in cybersecurity. It is not just a framework but a key driver of ethical hacking and pentesting, becoming the standard for thousands of professionals.
More than 40 fraudulent programs have been identified in the Mozilla Firefox browser. These extensions mimic legitimate wallet tools from popular platforms. The large-scale campaign has been ongoing since April 2025.
According to recent data, applications were discovered that loaded out-of-context ads onto users’ screens. The applications have already been removed by Google from the Play Store. The peak activity exceeded 1.2 billion requests per day.