Examples of Polar Cove Engagements
Retail Client

Polar Cove was engaged by one of the 3 largest home furnishings manufacturers in the United States. The client had recently spent 1.5 million dollars on a multi-tiered web application from a large vendor. When the company approached Polar Cove, the application did not work, and it was extremely insecure.

Problems:
Polar Cove was engaged to optimize the middleware code so that it could handle multiple connections and would authenticate, encrypt, and qualify those connections in a secure manner meeting the client’s security policy. The application uses a mixture of Apache, NT, IBM DB2, and Sun J2EE. It is distributed on five servers, including an AS/400 backend, all of which are served to the Internet via a Public/Private screened and DMZ network architecture.

Solutions: Polar Cove designed a secure middleware application for the client using the Java 2 Platform, Enterprise Edition (J2EE). We employed a comprehensive application security model that grants rights to perform certain actions according to a code-level security policy. Specifically, Polar Cove used a security framework called RMI (or Remote Method Invocation). Security code was written and installed. As a result, the client can now control and restrict access to objects connecting across the network. Our middleware code is hosted on a separate server, and it allows or disallows certain actions, for example writing to a file, depending on security policy.
Tier 1 Telecom Client

Our client is a leading provider of wholesale and retail telecommunications services, using its own Tier-1 network infrastructure to route calls worldwide. The company has introduced innovative products and services and maintains global business alliances. The client is among the Forbes 500 and is listed on the New York Stock Exchange.

Problems: The client was suffering from an intrusion into its network operations and data centers by a Russian hacker group. The group was using numerous servers and bandwidth to set up a national network for distributing pirated software.

Solutions: Polar Cove analyzed all the available information to characterize and understand the intrusion. We then used computer forensic techniques to contain, collect, and protect information associated with the intrusion, after which we minimized the negative impact and eliminated the means of access.
Non Profit Client

The National Governing Body (NGB) for an international sport engaged Polar Cove for a vulnerability assessment. The client was chosen by Congress as the NGB for the sport through the Amateur Sports Act. The client’s core business relies on its membership list and on maintaining its position as an NGB.

Problems: The client was concerned about the security risks to its extensive membership list of highly visible individuals. In addition, they needed to be sure that financial and contribution information was secure from either intrusion via the Internet or internal threat. The danger to the client was that private information exposure would debilitate the organization's ability to recruit and maintain members and could even put their position as a National Governing Body at risk. At the very initial stages of the vulnerability assessment engagement, Polar Cove identified evidence of current and active penetration of one of the client’s servers.

Solutions: Polar Cove penetration analysis was applied
using advanced forensic techniques to analyze, contain, and then eradicate
the source of the intrusions. Polar Cove then conducted penetration testing
on the rest of the network to gauge the risk exposure of the client’s
interior private network. Polar Cove successfully cracked several passwords,
gained access, exploited services, and then escalated privileges to full
administrative rights. From the Internet, we successfully gained access
to and took screen shots of the interior private network. Polar Cove also
was able to demonstrate exposed financial data, membership data, and private
information. Penetration testing was able to reach right to individual
workstations. This information was used to create a specific report describing
the strengths and weaknesses uncovered in each tested area. Recommendations
from Polar Cove assessments included both tactical and strategic options,
as well as both immediate and longer-term steps and resolutions.

The client continued to work with Polar Cove after we identified a critical application vulnerability that had the potential to expose 30 years of highly technical development work that had been done by the client. The purpose of the application was to bring the client's most expensive, proprietary, and critical intellectual property to the Internet so that it could be used in commerce world-wide. Working with the client, Polar Cove secured the code, the servers, and the network, which allowed the code to graduate from an expensive research project to a profit center. We established security policies for the application, and we continue to monitor for vulnerabilities.
Business to Business Client

Our client operates a business to business enterprise that offers a standardized communication structure for matching global suppliers of stock components with package developers in the Cosmetic and Fragrance Industry. With high profile clients like Estee Lauder, Revlon, and Avon, security and confidentiality were major factors in establishing a stable and secure enterprise system.

Problem:

Solution: Polar Cove first had to deal with an intrusion and then secure the commerce platform. We profiled intrusions and intruders via a forensic analysis of the hosting platform. Countermeasures were launched to respond successfully against the intruder. Polar Cove then configured the servers and applications to exceed the National Security Agency and the FBI’s guidelines for secure servers. We trained personnel in the use of the system, brought it online, and continue to manage its security.
eCommerce Portal Client

Our client needed to develop a complex, interactive application for online selling, dynamic commerce, and real time auctions. The entire system, which used a multi-tiered online application with Siebel System middleware, had to be secure.

Problem: The entire application and network environment needed to be assessed and secured, and a security strategy needed to be developed.

Solution: Polar Cove reviewed the configuration files and source code for the web and internet application, operating system, database, and middleware component. We then evaluated the security controls of each component including policy; organization; personnel; asset classification and control; access mechanisms; network and computer management; business continuity; and system development and maintenance. Polar Cove provided a detailed report identifying short and long term improvements and a development framework for the implementation plan. We continue to work with the client providing intrusion detection, penetration analysis, security strategy, and security policy and training.