AdvisoryRetailClient Story

Application Security Assessment of Point of Sale Systems

A Fortune 100 retail, media and entertainment conglomerate turned to Security Compass for assistance to assess the security of their point-of-sale systems.
Read our other Retail Client Stories.

End to End Security Assessment
Retail, Entertainment

Practice Areas
  • Network Security Assessment
  • Point-of-Sale Application Assessment
  • Configuration Review
  • Physical Security Assessment

Our Client’s Challenge:

  • A very high volume of retail transactions are performed on a daily basis, both in-person and online through our Client’s point-of-sale (PoS) terminal devices. These devices accept highly sensitive customer data that include personal information and financial data.
  • These PoS devices posed a high-risk target to our clients. It was important to have security assessments performed to validate that these PoS devices, the applications running on them, and network infrastructure supporting them did not have critical vulnerabilities that would compromise our Client’s customers sensitive data.

Our Approach:

  • Security Compass worked alongside our Client to understand the technical and business drivers for the terminals and recommended the following suite of PoS related assessments to help uncover potential vulnerabilities:
    • Network infrastructure assessment
    • Configuration review
    • Point-of sale-application assessment
    • Point-of-sale hardware assessment

The Result:

  • A number of recommendations were made after performing security assessments on the various PoS components; covering areas including network infrastructure, the applications, and hardware.
  • Additional assurance was provided to our Client through developing specific test cases to confirm vulnerabilities. We communicated detailed walk-throughs to demonstrate how an adversary might perform a PoS attack.
  • Leveraging our recommendations to protect customers, our Client was able to implement changes that helped strengthen the security posture of the PoS devices across the enterprise.
Armed with detailed findings and recommendations from Security Compass across both application and network layers, our Client was able to protect customers by strengthening the security posture of PoS devices across the enterprise.

Back to Client Stories

Our Advisory services team has more than a decade of experience focused on Application Security. We take a flexible approach to your strategic security problems.

Whether you are a global enterprise looking for advice on security strategy and governance, a major financial seeking support on regulatory compliance and penetration testing activities, or a startup looking for high quality assessments to give customers assurance for your business, we're here for you.

Our credentialed professionals are experts in how to break applications and fix code, who take pride in helping you succeed in your Secure SDLC and Secure DevOps programs. Contact us today to learn how we can help solve your organization’s application security challenges.