下载PDF
Redscan > 实例探究 > 增强专业银行的网络安全:发现漏洞并确保合规性
Redscan Logo

Enhancing Cybersecurity in Banking through Penetration Testing: A Case Study

技术
  • 网络安全和隐私 - 安全合规
  • 网络与连接 - 5G
适用行业
  • 金融与保险
  • 国家安全与国防
适用功能
  • 质量保证
用例
  • 实验自动化
  • 篡改检测
服务
  • 网络安全服务
  • 测试与认证
挑战
一家专业银行认识到,由于数字化转型和不断变化的威胁形势,有必要审查其网络安全方法。它希望发现以前的测试人员可能忽视的漏洞并确保符合法规要求。
关于客户
这家专业银行处理大量敏感数据,最近推出了在线银行门户。它还将工作负载转移到 AWS 云。该银行作为 Redscan 托管检测和响应服务的订阅者,与 Redscan 有着密切的关系。
解决方案
Redscan 的 CREST 认证渗透测试人员团队执行了一系列测试来评估银行网络的每个要素。测试涵盖内部和外部基础设施、Web 应用程序、构建和配置测试以及防火墙审查。该团队与银行的网络安全经理和 IT 经理密切合作,尽量减少对业务运营的影响。
运营影响
  • The penetration testing conducted by Redscan provided the bank with a comprehensive view of its security posture. The bank gained a deeper understanding of the risks it faces, with detailed context provided for each vulnerability discovered. The bank benefited significantly from the insight provided by Redscan’s offensive security team, which used manual tools and processes and applied creative thinking to replicate the approach of real-life adversaries. The pen testing engagements and reporting provided by Redscan helped the bank to more effectively meet the compliance requirements of the GDPR, the Financial Conduct Authority, and the Prudential Regulation Authority. Redscan’s focus was not just on finding vulnerabilities but on helping the bank to remediate them, providing helpful advice in reports detailing how the bank could address weaknesses and mitigate risks.

相关案例.

联系我们

欢迎与我们交流!

* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

Thank you for your message!
We will contact you soon.