Security Upgrade

Project description

How to ensure viable and safe tool, including info sec, while also testing the cyber security of the web app?

Context

AI-VO is currently developing its own AI tool aimed at providing teachers with an easy-to-use AI solution through a subscription model. While the front-end and back-end are nearing completion, cyber security hasn't received enough attention. Due to this factor, the product is currently not in a suitable condition for release. It is essential that the existing issues are addressed before launch.

Results

To conduct a comprehensive penetration test on AI-VO's web applications and associated infrastructure, with a specific focus on assessing the security of their AI products. The aim is to identify and exploit vulnerabilities that could compromise the confidentiality, integrity, or availability of sensitive data, intellectual property related to AI development, the availability of the products or the AI products themselves.
The aim is to resolve the issues found during the pen-tests, in order to create a viable and safe tool that is ready to be published for the big audience. This will also include at least the preparations to apply for a ISO27001 certification.

About the project group

We both have an Infra background. We have worked on this project for one semester, three days per week.