Pentesting and Security Enhancement for Lemberg Solutions

by Olga Kovalenko, 16.04.2025

Client: Lemberg Solutions
Industry: IoT and Software Development
Company Size: 200+ Employees
Services Used: Penetration Testing, Phishing Simulations, Security Training

Client

Lemberg Solutions is an IoT and software development company with over 200 employees. Specializing in developing complex IoT solutions, they serve industries such as healthcare, automotive, smart consumer devices, and many others. With more than 15 years of experience in digital, cloud, embedded, and data science fields, Lemberg Solutions has established itself as a key player in the industry. Their deep industry knowledge and commitment to clients' goals have consistently delivered top-notch software development services that bring real business value.

Background

As Lemberg Solutions continued to grow, they developed an internal ERP system called Lemberg Hub, an in-house tool built by their employees. This system was pivotal for managing essential business processes such as hour logging, invoicing, and resource management. However, as the system grew more complex and its user base expanded, concerns arose about potential security vulnerabilities and unauthorized access to sensitive resources.

The Challenge

Lemberg Solutions approached Iterasec with several pressing security concerns:
  • Employee Susceptibility to Phishing:

    The company observed a tendency among employees to fall victim to phishing attempts and social engineering attacks, increasing the risk of security breaches.

  • Need for Security Awareness Training:

    There was a pressing need to enhance the overall security awareness among employees to build a culture of cybersecurity vigilance.

The Solution

Iterasec provided comprehensive cybersecurity services tailored to Lemberg Solutions' needs.

Penetration Testing of Lemberg Hub

  • In-Depth Security Assessment:

    Conducted thorough penetration testing on the Lemberg Hub to identify and exploit vulnerabilities.

  • Identification of Critical Issues:

    Discovered significant security flaws, including unrestricted administrative access and privilege escalation vulnerabilities.

  • Actionable Remediation Plan:

    Provided detailed reports outlining the vulnerabilities and offered actionable recommendations to remediate the issues effectively.

Phishing Simulation and Employee Training

  • Phishing Simulation Exercise:

    Executed a controlled phishing simulation by sending crafted emails to employees to assess their susceptibility to social engineering attacks.

  • Analysis of Results:

    Evaluated the simulation outcomes to identify patterns and areas where employees were most vulnerable.

  • Security Awareness Training:

    Conducted comprehensive training sessions to educate employees about phishing, social engineering, and best cybersecurity practices, fostering a security-conscious culture.

The Outcome

The collaboration with Iterasec led to significant improvements for Lemberg Solutions:
  • Secured Internal Systems:

    Critical vulnerabilities within Lemberg Hub were identified and rectified, significantly enhancing the security of their internal ERP system.

  • Increased Employee Security Awareness:

    The phishing simulation and subsequent training resulted in a marked improvement in employee awareness, reducing susceptibility to phishing and social engineering attacks.

  • Strengthened Security Culture:

    The company developed a robust security culture, with employees actively participating in maintaining and enhancing cybersecurity measures.

Conclusion

Our holistic approach enabled Lemberg Solutions to overcome critical security challenges, secure their internal systems, and foster a culture of cybersecurity awareness. By addressing both technological vulnerabilities and human factors, Iterasec helped Lemberg Solutions protect their valuable assets and maintain their reputation for excellence. Iterasec is dedicated to delivering tailored cybersecurity services that resolve immediate issues and contribute to long-term resilience and success for our clients.