Bingli
Cyrex partnered with Bingli to conduct comprehensive penetration testing of its AI-driven medical assessment platform, identifying vulnerabilities and delivering actionable remediation guidance to strengthen data security and regulatory compliance.
The Challenge
Protecting Sensitive Healthcare Data in an AI Platform
Bingli operates in the healthcare technology space, where artificial intelligence supports medical assessment and patient-doctor interactions. The platform processes sensitive medical data, making confidentiality, integrity, and availability critical.
In healthcare environments, security is not optional. It directly impacts:
- Patient data privacy
- Regulatory compliance
- Trust between providers and patients
- Platform reliability
As reliance on digital health solutions increases, so does the attack surface. Bingli required a structured security assessment to identify weaknesses before they could be exploited.
The objective was clear: evaluate the resilience of the platform’s security controls and reinforce its overall security posture.
The Cyrex Solution
Structured Penetration Testing Engagement
Cyrex conducted a full penetration testing engagement on Bingli’s medical assessment platform, applying a methodical and transparent approach.
Our objective was to:
- Identify vulnerabilities across the application
- Assess existing security controls
- Provide actionable remediation guidance aligned with Bingli’s workflows
Phase 1 – Passive Reconnaissance
The engagement began with comprehensive reconnaissance.
Our team analyzed:
- Application architecture
- Technology stack and programming languages
- Functional workflows
- Exposure points and potential attack surfaces
This phase established a clear scope and deep technical understanding of the platform before active testing began.
Phase 2 – Active Penetration Testing
With reconnaissance complete, Cyrex performed a manual penetration test simulating real-world attack scenarios.
This phase focused on:
- Identifying exploitable vulnerabilities
- Testing authentication and authorization logic
- Assessing input handling and data validation
- Evaluating resilience against common web application attack vectors
Manual testing formed the core of the engagement, ensuring findings were based on contextual analysis rather than automated scanning alone.
Phase 3 – Reporting & Remediation Guidance
Following testing, Cyrex delivered a comprehensive report detailing:
- All identified vulnerabilities
- Risk severity and potential impact
- Exploitation scenarios
- Clear, prioritized remediation recommendations
Recommendations were tailored to Bingli’s operational environment, ensuring security improvements could be implemented without disrupting platform workflows.
The Outcome
Strengthened Security Posture & Actionable Improvements
- Identification of application-level vulnerabilities
- Clear remediation guidance aligned with healthcare compliance needs
- Improved resilience against potential cyber threats
- Reinforced protection of patient and provider data
Client Feedback
Bingli
“Cyrex played a crucial role in bolstering our cybersecurity through their pen testing services. Their team not only identified vulnerabilities in our system but also provided clear and actionable recommendations to enhance our security posture. While there’s always room for enhancement, we appreciate Cyrex’s dedication to delivering a service that significantly contributed to our overall security strategy.”
Don't Let Players Find the Weakness
Your launch is months away. Hackers will find exploits in hours. Let our engineers secure your game before it's too late.
Response time: <24 hours • NDA included • No commitment required