Feedback after a Security Audit

Enhanced Security: Our Experience with the Expert Light Security Audit (powered by iDempiere) by Orange Cyberdefense

Hello to all members of the iDempiere community!

Today, TGI is delighted to share with you an enriching and reassuring experience we recently had.
As a provider of SaaS software based on the open-source ERP iDempiere, the security of our solutions is an absolute priority.
That’s why we decided to submit our application to a rigorous security audit conducted by Orange Cyberdefense‘s experts.


Results are not only excellent, but they also attest to the effectiveness and robustness of iDempiere !


Why a Security Audit?

In a world where cyber threats are constantly evolving, it is crucial to ensure that our systems are protected from vulnerabilities.
A security audit helps identify potential weaknesses and strengthen protective measures. We opted for a combined black-box and grey-box approach to cover a wide range of attack scenarios.

Results: We are pleased with what we believe is a “remarkable performance”.

The conclusions of the audit conducted by Orange Cyberdefense are extremely positive.
Here are some key points worth highlighting:

  • User Account Protection: It is impossible to identify existing user accounts on the application. This means that our users’ sensitive information is well protected against malicious identification attempts.
  • Resistance to Injections: The experts were unable to perform SQL or JavaScript injection attacks on the various fields and forms of the application. This resistance demonstrates the strength of the code and secure development practices.
  • Management of Malicious Files: It was not possible to upload malicious files, whether through the file upload feature or the contact feature. This ensures that our environment remains healthy and free from threats.
  • Robust Access Control: Users can only access the data and features assigned to them. No vulnerabilities were detected that would allow unauthorized access, reinforcing our clients’ confidence in the security of their information

A Strong and Secure Community

These results are not just a victory for our team, but for the entire iDempiere community.
They demonstrate that the open-source ERP we rely on is not only flexible and powerful but also extremely secure.
We are proud to contribute to this dynamic community and to share our experiences to inspire other members to follow similar practices.

Conclusion

The security audit conducted by Orange Cyberdefense was a crucial step for us, and we are thrilled with the results.
We will continue to invest in the security of our solutions to provide our clients with a serene and reliable experience.

Thank you to all members of the iDempiere community for your support and continued engagement.
Together, we are building a safer and more innovative future!