Experiencing a Breach? [email protected] | Safetech Blog
Penetration Testing Services
Introduction
Our European banking customer, with over 10,000 employees, wanted to thoroughly test the security robustness of its customer-facing website. The bank in question wanted to understand how secure the website was, where any frailties were located and how to mitigate the issues found. This would help the bank to remain compliant with industry regulations, but more importantly, ensure they are fully aware of potential security gaps and how to fill them.
The Challenge
Case studies give potential customers a real-life example that they can identify with. Choose a customer with a great story: maybe someone who increased profits or reduced churn thanks to your company. Conduct an interview with that customer to hear what they have to say.
The Solution
Safetech’s team of Crest accredited offensive security specialists conducted several tests that are representative of an attacker’s approach to finding vulnerabilities. Our team tracked their findings and then provided the client with a probability and clear risk factor score. This gave our team and the client a clear understanding of the vulnerabilities and, more importantly, how we could rectify them.
After completing all of the tests our client received a detailed report which included all details of the completed tests; outcomes, results and. The report included a list of all vulnerabilities found, details of the severity and scale of each vulnerability, how they have been exploited and, crucially, advice on how to remediate the vulnerability. The report was structured to allow it to be easily digested by the board as well as clear and actionable for the security team.
Methodology
Our expert engineering team allocated 1 senior cybersecurity engineer (7 years’ experience), 1 mid-level engineer (4 years’ experience) and 1 junior engineer (over 1 years’ experience).
It was agreed with the client that we would execute this service using a Grey Box approach. The team used a number of industry-standard testing methodologies including OWASP, NIST, OSSTM and SANS.
Services provided for our customer
Customer Challenges
- Unknown threat landscape
- 10,000+ employees to protect
- Regulatory and compliance expertise requirement
- Time and expertise needed for accurate and efficient penetration testing
Timescale
- The initial penetration test lasted one week
- Two weeks allocated for remediation of all critical and high vulnerabilities.
- One day allocated for retesting.
Key Services Provided
- Network Testing
- Penetration Testing
- Vulnerability Scanning
Business Outcome
This project was successful in helping our client assess their threat vulnerability and remediate issues within their defences. The project was completed on time and on budget, enabling the customer to meet it’s regulatory and compliance requirements and secure their threat landscape moving forwards. A suitable cadence was set for ongoing pen testing exercises and our security partnership was strengthened.
More protection. Less tech.
We're removing the complexity within your security tech stack. Forget alert fatigue and let Safetech streamline and simplify your security posture.
NAVIGATION
Phriendly Phishing
FOLLOW US
STAY CONNECTED
You need a helping hand with your project?
Plexal, The Press Centre,
Here East, 14 East Bay Lane,
London,
E20 3BS,
UK
No. 12-14 Frunzei Street, Frunzei Center, 1st-3rd Floor, 2nd District, 021533, Bucharest, Romania
Professional Indemnity Insurance | Public and Product Liability Insurance *Information can be provided on request