Independent Security Assessment Report for Whistleblowing Solutions AB

This document is an Independent Security Assessment Report performed by CT Defense LTD for Whistleblowing Solutions AB. The assessment aimed to evaluate the security and resiliency of the client's Web Application and API Security Assessment scoped assets. The methodology used is based on best practices from various recognized frameworks, including NIST and OWASP. The report details the processes undertaken, including both unauthenticated and authenticated testing to identify vulnerabilities. It outlines the findings of the security assessment, including identified vulnerabilities and remediation advice provided to the client. A remediation verification was conducted to confirm that the majority of findings were addressed. The report concludes that the vulnerabilities pose a low risk to the client's systems, with all high-risk vulnerabilities remediated and multiple security controls in place. The assessment was conducted within a defined timeframe and under specific constraints, ensuring a thorough analysis of the client's security posture.