SIMSme Powered by Deutsche Post

SIMSme Business aces security audit

Recognized security testers from Cure53 examine new 2.5 release

Security is ingrained into the DNA of SIMSme Business. Each major release is therefore audited by external security experts, including the latest one, 2.5. Accordingly, the German IT security specialists from Cure53 once again checked compliance of the SIMSme Business Messenger app and its server systems with security fundamentals. This was done by so-called penetration tests as well as analysis of the SIMSme source code. Important checkpoints include end-to-end encryption as well as the handling of metadata. On the occasion of the new SIMSme Business Version 2.5 release, Cure53 again put the app and backend through their paces. The result is more than satisfying.

Logo Cure53
Cure53 is a german IT-security-specialist.

For the test conducted in December 2018 with more than 14 person-days, the testers had access to the SIMSme source texts and internal documentation. These “white box tests” are the gold standard in security analysis and allow the specialists the deepest insight into all the nooks and crannies of SIMSme Business. We are all the more pleased that only a few things were found and these were rated throughout as “low criticality” by the testers. Notwithstanding that, these points were immediately rectified.

Here is an excerpt from the SIMSme Pentest Report for the 2.5 release from December 15, 2018:

“After investigating the SIMSme scope, in particular focusing on the new 2.5 Release, Cure53 can only conclude that the overall security posture of the project is solid and praiseworthy. [..] Cure53 believes that the cycles of alternating development with penetration testing and security verification of new features have been successful in improving the security posture of SIMSme. [..] This is certainly an impressive and desirable result for any compound of this kind.”

Dr.-Ing. Mario Heiderich

The IT security expert was, among others, Security Researcher for Microsoft and is the founder and CEO of Cure53. The Berlin-based company specializes in penetration testing for online solutions as well as security analysis and investigation of malware. Cure53 consults on security aspects of IT architectures and crisis response after an IT attack. Since 2011, Cure53 has been conducting penetration tests for various IT solutions from Deutsche Post AG.

Heiderich Security Messenger Sicherheit
Dr.-Ing. Mario Heiderich [Photo: Heiderich]
Neueste Artikel
Neueste Artikel