Lucra is a financial technology company that provides solutions for digital payments and e-commerce. They specialise in creating secure payment processing systems to modernise how organisations validate transactions.
Lucra came to OnSecurity for their first ever pentest via a recommendation from a technology provider. The organisation was looking to critically examine their web application, and provide comparison of their current security posture with established good practices.
Can you give us a general overview of your experience with OnSecurity?
Overall the experience was really great. Some key points that made it positive were the ease of use of the OnSecurity platform during and before the pentest. The whole process was super straightforward and easy.
How was the onboarding process with OnSecurity?
Even though this was our first pentest and we weren’t sure what to expect, it was a very efficient start and set-up with no unnecessary forms. We just answered a few questions over email and OnSecurity took care of the rest.
We had a few snags with setting up some test accounts but this was very quickly resolved. The testing process was clear, and they gave very easy-to-follow instructions to complete the pre-testing tasks so that the test could get underway efficiently.
How did OnSecurity perform Vs other vendors?
We’ve no direct previous experience to compare it to, but the whole process just worked and wasn’t a burden on us. Everything happened magically in the background without impacting business ops and assets - as we’d expect.
The entire team was attentive and responsive to issues raised.
From the testing, did you find the outcomes from the findings useful and why?
Their report demonstrating findings was concise and easy to understand for non-technical people. Remediations and recommendations were also clear, making it easy for our dev team to action. Getting security issues re-tested was simple and quick.
Would you use OnSecurity again?
We would happily use OnSecurity again and recommend them. In terms of price, they are very flexible and reasonable and we enjoyed our experience.
Conclusion:
OnSecurity provided an efficient and pain-free first pentesting experience for us and we liked the ease in which we could just go into the portal, grab a report and action it systematically based on the detail in the findings. Pentesting that does what it says on the tin!
