Creactives S.p.A., a global leader in AI for the Supply Chain, offers AI-based solutions for item master data cleansing/enrichment and governance, spend analysis, and Data Assistants. The company has developed a series of innovative solutions such as the Knowledge Engineering Platform, TAM4, and DataAssistants. With a global presence and a focus on complex industries such as manufacturing, utilities, and oil & gas, Creactives needed to ensure the highest levels of security and compliance for its IT systems and applications.
The Web Application Penetration Test conducted by ISGroup SRL, along with support in the creation and maintenance of an Integrated Security Management System (ISMS) compliant with ISO 27001, ISO 27017, and ISO 27018 standards, enabled Creactives to strengthen the security of its platforms and provide clients and partners with a high level of reliability and data protection. This case study highlights the importance of integrated security management and collaboration with experts in cybersecurity.
The Challenge
The main goal of Creactives S.p.A. was to ensure the security and compliance of its technology platforms, while also aligning its entire organizational process with the most stringent international standards. To achieve this, the company requested ISGroup SRL to conduct a Web Application Penetration Test on its main applications and support them in the creation and maintenance of an Integrated Security Management System (ISMS) compliant with ISO standards.
ISGroup SRL's Intervention
The ISGroup SRL team carried out a detailed Web Application Penetration Test on the Knowledge Engineering Platform, TAM4, and DataAssistants applications, identifying and mitigating potential vulnerabilities. In addition, ISGroup provided consulting and support in the creation and maintenance of the Integrated Security Management System (ISMS) to ensure Creactives’ compliance with ISO 27001, ISO 27017, and ISO 27018 standards, as well as delivering specialized training on secure software development and cybersecurity awareness.
Results and Benefits
Thanks to ISGroup SRL’s intervention, Creactives S.p.A. was able to establish an ISO-compliant Integrated Security Management System, strengthen the security of its applications, and ensure the protection of the data it manages. Stefano Luzi Crivellini, Chief Administrative Officer and Chief Delivery Officer of Creactives Group S.p.A., stated:
The intervention by ISGroup SRL allowed us to create an Integrated Management System aligned with international standards such as ISO 27001, ISO 27017, ISO 27018, and ISO 9001, ensuring the protection of our data and the security of our applications. Furthermore, thanks to their consulting, we were able to regularly perform Vulnerability Assessments and Penetration Tests on all our products, thus guaranteeing a high level of security for our clients.Stefano Luzi Crivellini
The overall experience of working with ISGroup SRL was extremely positive. Stefano Luzi Crivellini added:
The professionalism and extensive experience of ISGroup SRL in the field of cybersecurity made a real difference. Their support was crucial not only for creating and maintaining our Integrated Management System but also for training our software development team according to OWASP standards and raising company-wide cybersecurity awareness. Thanks to their contribution, we successfully passed external audits, demonstrating our compliance with the required standards.Stefano Luzi Crivellini
