- Cybersecurity & Privacy - Security Compliance
- Networks & Connectivity - 5G
- Finance & Insurance
- National Security & Defense
- Quality Assurance
- Experimentation Automation
- Tamper Detection
- Cybersecurity Services
- Testing & Certification
The customer is a specialist bank based in the UK. The bank processes a high volume of sensitive data, making it an attractive target for cybercriminals. The bank had recently launched an online banking portal and was moving an increasing number of workloads to the Amazon Web Services (AWS) Cloud. The bank was concerned about its increased security risk due to these changes and recognized the need to review its approach to cybersecurity. The bank had previously used other providers for penetration testing but felt the need for a fresh approach to uncover vulnerabilities that may have been overlooked.
A specialist bank in the UK, processing a high volume of sensitive data, recognized the need to review its approach to cybersecurity due to digital transformation and the rapidly evolving threat landscape. The bank was concerned about its increased security risk due to a recently launched online banking portal and an increasing number of workloads moving to the Amazon Web Services (AWS) Cloud. The bank had previously used other providers for penetration testing but felt the need for a fresh approach to uncover vulnerabilities that may have been overlooked. The bank sought the expertise of Redscan, with whom it already had a strong relationship, to provide in-depth insight and support its compliance with the requirements of the Financial Conduct Authority, the Prudential Regulation Authority, and the GDPR.
Redscan’s team of CREST-accredited pen testers performed a range of tests over a week to assess every element of the bank’s network. The focus was on establishing the extent to which hackers could gain unauthorized access to the bank’s critical systems and data. The six phases of testing covered internal infrastructure testing, external infrastructure testing, web application testing, build testing, configuration testing, and a firewall review. The tests were conducted both on-premises and remotely, with the Redscan team liaising closely with the bank’s Cyber Security Manager and IT Manager to complete the process smoothly without impacting the bank’s business operations. The team uncovered a number of threats previously overlooked by other pen testers, including default legacy protocols within the network that hadn’t been updated and a number of weak configurations.
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.