Let’s work together
Want to discuss potential opportunities? Pick the most suitable way to contact us.
Book a call+370 5 2 780 400
info@ba.lt
Penetration testing for the international investment platform
As a financial service provider, Orion Securities performs regular security check-ups not only to meet regulations in EU Regulations but also ensure safe, stable, and timely services for investors amid rising global cyber threats. We are happy to collaborate with Orion Securities again – this time implementing an independent IT security audit.
Situation
Orion Securities is an investment bank providing full range of investment services including intermediation in financial markets, investment banking, private banking & wealth management, securities services, and fund depositary. Their clients are high-net-worth individuals, corporate customers and asset managers. They do operate under Full Scope EU Investment Firm License issued by the Bank of Lithuania. As a financial services company, Orion Securities prioritises information security. Regular security assessments are conducted to fortify resilience against cyber attacks and uphold data protection.
Building on our successful past collaboration with Orion Securities, the client reached out to us for their security needs. In response, we provided and implemented authorised penetration testing.
Solution
We conducted comprehensive penetration testing, covering frontend, backend, and authorised user access for APIs. Our team evaluated internal network security, conducting checks on the client’s internal equipment, applications, operating systems, and servers. This encompassed scrutinising network user enumeration, privilege escalation, AD security, and potential login data interception.
Our cyber security team also conducted OSINT, enumerating company email addresses, examining publicly available client IPs, and scrutinising communication with external systems. Lastly, we performed an automated vulnerability assessment for both external and internal IT infrastructure, including web applications.
Added value
Following the penetration testing, we delivered a detailed report to the client, explaining the results and providing an overall analysis of their security situation. This report offers easy-to-understand insights for the client’s IT team.
The completed report clearly describes areas that need improvements and offers step-by-step recommendations on how to implement them. This provides guidance to the client’s team in taking practical steps to enhance both external and internal network security for their IT systems.
Lastly, our team that implemented the project consisted of cyber security experts certified in CISSP, CDPSE, CISA, CEH, and CompTIA PenTest+. This underlined our commitment to providing top-tier security services for the client.
Other projects
Web Application for a Shipping Emissions Management Provider
Hecla Emissions Management AS
Self-service portal for investment banking customers
ORION Securities
Data analytics solution for the global aircraft service provider
FL Technics
CISO services for an international payment institution
ArcaPay
Phishing and security training for the real estate group
Darnu Group
Budget management system for the sustainability solution provider
Vesta Consulting
Azure AI vision solution for the global tobacco company
JTI Lithuania
AWS migration for online business payment provider
OPAY
User experience services for a Norwegian communication software provider
Omnicus
Power BI solution for the global tobacco provider
JTI Lithuania
ESG analysis for the international sustainability solution provider
Vesta Consulting
Reliable marketplace platform for used car trading
Data warehouse modernisation for the international tobacco company
JTI Lithuania
Unified IT systems for the debt company
Drupal-based CMS for a leading tobacco company worldwide
JTI Lithuania
Solar energy trading solution for the international energy company
Progress OpenEdge development and system testing services for a Swiss company
Optiwork
AWS-based automated reporting and billing solution for the US transportation company
Clever Transco LLC
Azure-based solution that cut infrastructure costs by over 4 times
ProMark
Data/API Hub solution for the international ferry service provider
TT-Line
Security assessment and InfoSec training for a global media company
Internews
Infrastructure and data migration assessment for agricultural retail provider
Lytagra
Upgraded analysis platform boosted paid user base by 43%
Börsdata
In-depth penetration testing for a specialised Lithuanian bank
General Financing Bankas
Mobile app for the fastest-growing payment solutions provider in Lithuania
ConnectPay
Mobile app development for the largest insurance company in the Baltics
Lietuvos Draudimas
Boosted sales performance for the leading digital services company in the Baltics
Bitė
Highly rated mobile app for Baltic digital services company
Bitė
Progress OpenEdge solution for the US medical billing and management service provider
Professional Billing, Inc.
Efficiency-driven ordering and billing system for large-scale military training
WilNor Governmental Services AS
High-performing eCommerce platform for one of the largest pharmacy providers in the Baltics
EUROAPOTHECA
AWS-based mobile banking solution for the financial institution
LCCU
Fully automated and scalable leasing solution for DNB Bank
DNB BANK
Ensured IT security & GDPR compliance for the international web hosting provider
Hostinger
Convenient daily banking solution for credit unions
KREDA
Mobile banking app for DNB bank
DNB bank
Performance monitoring solution for the global shipping company
Shippersys
Custom Business Intelligence solution for a global maritime company
Shippersys
Crisis management system for Norway’s educational institutions
Akershus County
eCommerce platform for the global maritime Enterprise Asset Management provider
Star Information Systems
Innovative eCommerce solution that enhanced customer experience for electricity consumers
UAB Technologijų ir inovacijų centras
Web and mobile applications for preschools to ensure children’s safety
FamWeek
Fully upgraded communication platform for the Norwegian telecoms company
SIMCOM AS
eCommerce reservation platform for the Norwegian Aviation Museum
Norwegian Aviation Museum
Data visualisation solution that highly increased business productivity
UNIPARK
Entirely upgraded mobile app for Lithuania’s largest digital service provider
TELIA