Add Value S.r.l., based in Verona, is an IT company that develops innovative and high-quality IT solutions for the banking, insurance, and industrial sectors. Founded in 1995, the company combines expertise in various technological areas—both traditional and cutting-edge—to create custom software and business innovation solutions. Add Value S.r.l. offers a range of services including the development and implementation of software applications, maintenance and evolution of existing software, and the management of clients’ digital assets. They employ state-of-the-art methodologies and technologies to ensure that their solutions are efficient, secure, and long-lasting.
TSV8 is an advanced solution for spending analysis and management, called "Total Spending Visibility." This tool is designed to help multinational companies optimize procurement processes and improve the visibility of their indirect spending through detailed, automated, and categorized order analysis. To ensure the security of TSV8 and reassure clients that their data was protected, Add Value S.r.l. relied on ISGroup SRL.
The Challenge
The main objective of Add Value S.r.l. was to guarantee the security and reliability of the TSV8 application for its clients. To achieve this goal, the company requested ISGroup SRL to perform a Web Application Penetration Test (WAPT) on the platform. It was essential to identify and address any vulnerabilities to protect sensitive data and enhance spending visibility through detailed and automated analysis.
ISGroup SRL's Intervention
The ISGroup SRL team carried out an in-depth and detailed Web Application Penetration Test on the TSV8 application. The analysis included the evaluation of existing security measures and the execution of manual penetration tests to simulate real attacks. This approach enabled the identification and resolution of potential technical and logical vulnerabilities, ensuring the platform complied with the highest security standards. In addition to the WAPT, ISGroup SRL also conducted Vulnerability Assessment (VA) and Penetration Testing (PT) activities on Add Value S.r.l.’s entire IT infrastructure, providing excellent protection against potential threats.
Results and Benefits
Thanks to ISGroup SRL’s intervention, Add Value S.r.l. was able to significantly improve the security of its application. Giampietro Calabrese, CISO & Operations Director at Add Value S.r.l., stated:
Thanks to the VA-PT activities carried out with ISGroup, we were able to identify critical areas in the security of our IT infrastructure and products, and to design and implement the corresponding remediation plans. At the end of this meticulous work, we can confidently say that the security level of our systems is now rated very high.Giampietro Calabrese
Calabrese continued, highlighting the positive impact on the organization:
The experience with ISGroup allowed us to grow as an organization, both in terms of awareness of cybersecurity risks and in terms of the technical skills needed to build, maintain, and evolve IT systems with a high degree of security.Giampietro Calabrese
The overall experience with ISGroup SRL was extremely positive. Calabrese commented:
We appreciated ISGroup’s expertise in cybersecurity topics, their autonomy in carrying out the work, and the quality of the reports and documentation delivered. Moreover, we were particularly impressed by their client-oriented approach—they were always available to meet our diverse needs. We see ISGroup not only as a supplier, but as a partner.Giampietro Calabrese
