The client, a hedge fund with over $21 billion in assets, hired 2Secure Corp to perform a penetration test of their public-facing web application. The tester was able to bypass the password reset mechanism using SQL injection. To address this, 2Secure recommended the client use parameterized queries, double up single quotation marks in user input for SQL queries, and use stored procedures for database access. The client received a detailed report with recommendations to mitigate the findings. In conclusion, the penetration test helped the client improve the security and control of their web application.