Case Sharing | Hesi Information Source Code Security Audit Project

Beijing Hesi Information Technology Co., Ltd. ("Hesi") is committed to innovation in cloud products and services. To date, Hesi has provided more than 1,000 large listed companies and 3,000 leading companies in subdivided fields with comprehensive financial digital services such as intelligent aggregated consumption, expense control and reimbursement, collection and payment management, financial revenue and expenditure analysis, and electronic accounting files, helping customers achieve cost reduction and efficiency gains, compliant operation and low-carbon operation.

Hesi is preparing to launch a new official website system developed by a third-party vendor. The website needs to connect to an external search engine, a customer service system and the internal CRM system, so a security problem in the website could threaten the company's internal systems. As a provider of a financial revenue and expenditure management platform, Hesi also knows that network and data security is what matters most to its customers. The official website is an important publicity platform for Hesi, and its security must be ensured. Because the system was developed by a third-party vendor, Hesi was concerned that it might contain malicious code or vulnerabilities that would threaten the security of the website and damage the brand image.

After comparing multiple vendors, Hesi concluded that the security services provided by Kaiyuan Network Security are more diverse and multi-layered, and that Kaiyuan Wangan has a complete software security product system that can help Hesi extend to more business needs and security scenarios at a later stage. Over multiple rounds of code audit work, the code audit platform scanned nearly 100,000 lines of code and identified multiple dangerous vulnerabilities, which were then comprehensively remediated.

Detection method: Tool detection + manual analysis

Test content: Design flaws, component risks, coding risks, and programming flaws in source code

Number of system languages: 4 types

This code inspection service identified design flaws, component risks, coding risks, and programming flaws in the source code, and provided improvement suggestions and secure coding best practices. This improved the security and robustness of the application system and prevents source code defects and deficiencies from affecting the normal operation of the system and the business. After the launch of the new official website, the security of the website and of user privacy is effectively guaranteed, the brand image is enhanced, and users can enjoy financial digital services more safely.


Origin blog.csdn.net/weixin_55163056/article/details/130947513