Strengthening CyberTarcza Security for Fujitsu

15 February 2025
Ask A Question

Fujitsu, a global tech leader, needed a thorough security audit for their CyberTarcza platform. They were concerned about potential vulnerabilities in the system, which was originally developed by an external team.

1
Challenge
When Fujitsu contacted us, their CyberTarcza (CyberGuard) platform was already in production, protecting sensitive infrastructure. However, the system’s code had been written by a third-party team that, as it turned out, had cut a few corners. The development team lacked experience with secure coding practices, and the software had never undergone a proper security review.

Full Case Study

When Fujitsu contacted us, their CyberTarcza (CyberGuard) platform was already in production, protecting sensitive infrastructure. However, the system’s code had been written by a third-party team that, as it turned out, had cut a few corners. The development team lacked experience with secure coding practices, and the software had never undergone a proper security review.

The risk was significant. CyberTarcza was designed to protect critical resources, but if hackers exploited even a single vulnerability, the entire platform could be compromised. Fujitsu needed a team that could quickly assess the situation and provide actionable solutions.

2

What We Did

We performed a comprehensive security audit, combining manual code analysis with advanced internal tools. Our team identified multiple anti-patterns and critical security flaws that could have compromised the system’s integrity. We then delivered a detailed report outlining each issue, its potential impact, and the recommended fixes.

Our security audit process involved several key steps:

  1. Manual Code Analysis: We started by manually reviewing the source code, focusing on authentication processes, data handling, and encryption mechanisms. This initial sweep revealed poor password hashing practices, outdated encryption protocols, and multiple instances of hard-coded sensitive information.

  2. Automated Scanning with Internal Tools: Next, we used our proprietary internal tools to scan the codebase. These tools flagged several high-risk vulnerabilities, including SQL injection points, insecure API endpoints, and missing input validation.

  3. Identifying Anti-Patterns: Beyond security flaws, we discovered a range of architectural anti-patterns – poor separation of concerns, excessive reliance on global variables, and inefficient database queries that could have slowed the system under load.

  4. Creating a Clear Action Plan: We documented all findings in a structured report, detailing each issue, why it mattered, and how it could be exploited. For every vulnerability, we provided step-by-step instructions on how to fix it, complete with code snippets and best practices.

3

The Result

The audit helped Fujitsu close security gaps, improve performance, and pass a subsequent external security review with confidence.

Why It Was Important to the Business: CyberTarcza isn’t just another application – it’s a defense tool designed to protect critical infrastructure. A single successful attack could have compromised sensitive data, disrupted operations, and damaged Fujitsu’s reputation.

Our audit helped ensure that the platform was no longer an easy target. By fixing the identified vulnerabilities, Fujitsu’s security team could confidently present the system to external auditors, knowing it met high standards of protection.

The Results:

  • Critical vulnerabilities were patched, significantly reducing the attack surface.

  • System performance improved after optimizing inefficient code.

  • The platform passed an independent security audit shortly after implementing our recommendations.

Lessons Learned & Insights: Security is often treated as an afterthought, but this case reinforced the importance of building security into the development process from the start. If you’ve inherited a codebase from another team or suspect your system might have hidden vulnerabilities, a thorough security audit can provide clarity and peace of mind.

Is your software secure enough to withstand today’s threats?
If you’re unsure, it might be time to take a closer look.

Other Projects

From Chaos to Clarity: How NATALI Transformed Salon Management with a Custom CRM and Booksy automation

NATALI, a well-established hair salon business, was using Booksy for managing bookings, but it lacked advanced features for customer segmentation and automation. They needed a more tailored solution to track salon performance in real-time and gain deeper insights into their customer base.
1
Challenge
While Booksy handled basic appointment scheduling, it fell short when it came to business analytics and automation. NATALI struggled to segment their customers, track business performance across multiple locations, and implement automated processes to enhance customer engagement and retention. Additionally, their data was scattered across multiple systems, requiring manual merging of reports every month just to get a clear picture of their business performance. This process was time-consuming, error-prone, and prevented them from making real-time decisions.
2

What We Did

We developed a custom Salon CRM that seamlessly integrated with their existing booking system while providing advanced data visualization dashboards. More importantly, we consolidated all fragmented data into a single, reliable platform, eliminating the need for manual data merging and giving NATALI instant access to real-time insights.
3

The Result

NATALI now has a fully customized solution tailored to their business needs, enabling them to make data-driven decisions, enhance customer retention, and streamline daily operations.
Get the Full Stories

Accelerating Development for Strøm – A Danish Digital Transformation Studio

Strom, a fast-growing Danish software company, was struggling to keep up with development demands across multiple projects. They needed a flexible, skilled team that could step in and accelerate progress without slowing things down with lengthy onboarding
1
Challenge
With too few developers and too many tasks, Strom’s projects were falling behind. The lack of versatile full-stack developers made it difficult to deliver features, implement fixes, and respond to client requests on time.
2

What We Did

We provided a team of experienced full-stack developers who quickly integrated with Strom’s existing processes. Our developers’ broad skill sets allowed them to work across various stacks, significantly increasing development speed and productivity.
3

The Result

Development velocity increased dramatically, helping Strom meet deadlines, satisfy clients, and reduce backlog pressure.
Get the Full Stories

Developing a Custom BWC System for KTA and the Polish Police

KTA needed a reliable, secure system for managing Body-Worn Cameras (BWC) for the Polish police. The system required custom software and hardware solutions, along with passing stringent government tests.
1
Challenge
The police needed a platform to record, upload, and manage BWC footage while ensuring secure evidence handling. The solution had to pass rigorous testing at the National Institute of Telecommunications.
2

What We Did

We built a complete BWC system from scratch, including a custom UI, a secure backend, microservices, and proprietary docking stations for automatic uploads and charging.
3

The Result

The system passed all government tests, streamlined evidence management.
Get the Full Stories

Turning Data into Actionable Insights for GuidePoint Systems

GuidePoint Systems, a leader in vehicle tracking and management, needed better visibility into their data. Their teams were surrounded by numbers but lacked a clear, accessible way to turn that data into useful insights.
1
Challenge
The company had large amounts of data about stock, dealers, and vehicles, but it was scattered across systems and difficult to interpret. Sales teams struggled to use this data to drive conversations with clients, and decision-makers didn’t have a real-time view of performance. Without clarity, growth opportunities were slipping by.
2

What We Did

We built a custom data visualization solution that made their numbers come to life. Instead of disconnected reports and endless spreadsheets, GuidePoint now had intuitive dashboards tailored to different teams. Salespeople could see live updates on inventory and dealer performance, while leadership could monitor overall business health in real-time.
3

The Result

While we don’t disclose exact figures, GuidePoint experienced noticeable improvements in performance soon after implementation. Sales teams reported more confident interactions with clients, operations saw better stock control, and leadership could finally make decisions based on current data instead of month-old reports.
Get the Full Stories

Let’s Talk Solutions

Every Great Solution Starts with a Conversation

We’re here to understand your challenges, answer your questions, and explore how we can make a difference for your business.

Whether you have a clear project in mind or need some guidance on where to start, let’s discuss what’s possible.

Start a Conversation

Czerniakowska 145/1
00-453 Warszawa
Polska
Linkedin
NIP: 5242971508
REGON: 525267969
Phone: +48 514 380 928
E-mail: office@codevenom.co
Privacy Policy
© 2025 CODEVENOM. All rights reserved.