The energy sector is becoming increasingly digitalized and connected, offering advanced online services to customers. However, this evolution brings new challenges in terms of cybersecurity. Sorgenia, the first green-tech energy company in Italy, recognized the importance of protecting its digital assets to ensure a secure and reliable user experience. For this reason, it chose to collaborate with UNGUESS, leveraging the strength of our ethical hacker community to identify and resolve vulnerabilities before they could turn into real problems.
The Goal: Securing Sorgenia’s Digital Platforms
Sorgenia had a clear objective: to strengthen the security of its digital platforms to prevent cyber threats and protect customer data. Achieving this goal required a structured and proactive approach that extended beyond traditional testing methods.
This is why UNGUESS was selected to support Sorgenia with an advanced testing process based on two key phases:
- Vulnerability Assessment: A broad-spectrum initial scan covering around 300 digital assets, including IP addresses and websites, using advanced tools and automated techniques.
- Bug Bounty Program: A continuous testing cycle that involved certified ethical hackers capable of identifying vulnerabilities that traditional methods often miss.
Testing Methodology Adopted
The entire testing process was structured into several phases to ensure in-depth analysis and timely interventions:
- Identification of Critical Vulnerabilities: The Vulnerability Assessment mapped and analyzed the most sensitive areas of Sorgenia’s digital platforms.
- Continuous Testing with the Bug Bounty Program: Engaging ethical hackers enabled constant monitoring and real-time reporting of vulnerabilities.
- Rapid Report Management: Reported vulnerabilities were processed in less than 5 minutes, allowing for swift and targeted action.
- Bug Fix Verification and Regression Testing: Each identified bug was fixed and retested to ensure that the implemented changes did not cause new issues.
The Results Achieved
Thanks to the collaboration with UNGUESS, Sorgenia obtained concrete and measurable results:
- 10 critical vulnerabilities identified across approximately 300 digital assets.
- 30 significant vulnerabilities managed, including risks such as Path Traversal.
- 50 certified ethical hackers involved to ensure thorough testing.
- Reduced report processing time, with reports handled in under 5 minutes.
By adopting this innovative approach, Sorgenia enhanced the security of its digital platforms, improved the skills of its internal IT team, and reduced response times to identified vulnerabilities.
UNGUESS’ Contribution to Sorgenia’s Digital Security
Through crowdtesting, UNGUESS enabled Sorgenia to test its systems under real-world conditions, leveraging a global network of ethical hackers to identify critical vulnerabilities and ensure continuous protection. This method made the testing process faster, more effective, and adaptable to the company’s specific needs.
As highlighted by Sorgenia’s team:
"UNGUESS allowed us to adopt a dynamic approach to cybersecurity, identifying vulnerabilities promptly and ensuring a level of protection that goes beyond traditional testing methods."
Download the full Case Study
Want to learn more about how Sorgenia strengthened the security of its digital platforms? Download the full case study to discover the process, the strategies implemented, and the results achieved.