Dr.Max, a leading pharmacy chain in Slovakia and central Europe, entrusted us with security testing for its newly-opened online store, both the public-facing side and the administrative back-end. After discussion, we agreed to conduct the testing based on the full scope of the OWASP methodology, encompassing a broad spectrum of web vulnerabilities. The company’s goal was to utilize penetration testing to discover critical defects and vulnerabilities in its web application which might have an impact to the business or which might put customer data at risk.
After defining the scope and being granted access, we began independent testing. The project team consisted of two seasoned ethical hackers. During testing we were able to identify vulnerabilities of several sorts which might have significant client impact. We communicated these to both the client and the provider of the e-shop software as they arose, and fixes were applied in an ongoing fashion. We documented all of our findings and compiled them into a final report. This report summarized and provided insight into the vulnerabilities found, giving detailed descriptions for each defect and scoring them for both severity and likeliness of exploitation. “At Dr.Max we place emphasis on professional services in all areas, be it in a brick-and-mortar pharmacy or online. Citadelo’s penetration testing enabled us to bring our online e-shop’s security up to a professional level. They responded to every situation that came up flexibly, dynamically, and with a high level of expertise.”
Slavomír Záborský, Head of IT, Dr.Max Slovakia
Lekárne Dr.Max is a leading pharmacy in Slovakia and central Europe. There are more than 220 pharmacies in Slovakia under this brand, employing more than 1300 people. Both in its physical pharmacies and online, Dr.Max offers a broad range of pharmaceuticals, treatments, nutritional supplements, cosmetics, and health aids. With its many years of experience and stable position, the firm provides a high standard of pharmacy services and achieves preferred partner status with both suppliers and health insurance companies.