In-depth penetration testing for a specialised Lithuanian bank

The Bank of Lithuania closely monitors financial institutions to ensure the safety and soundness of the banking system. This helps protect depositors and investors and promotes financial stability in the country.

The Bank of Lithuania requires financial institutions to undergo annual ICT risk and security assessments, including penetration testing, as part of this monitoring and continuous security improvement.

This case study showcases the successful partnership between GENERAL FINANCING BANKAS (further – GFB) and Baltic Amadeus, where we provided penetration testing to identify areas of security improvement for GFB.

Situation

GENERAL FINANCING BANKAS is a Lithuanian bank that offers a variety of financial products and services, such as savings accounts, consumer loans and term deposits.

Moreover, GFB has a network of branches throughout Lithuania. The bank is committed to providing its customers with fast, efficient, and, most importantly, safe services. Therefore, GFB performs security assessments to ensure digital protection every year.

GFB looked for an IT partner with a team of certified cyber security experts and proven penetration testing expertise. Thus, Baltic Amadeus has proposed IT consulting and penetration testing services to evaluate GFB’s ICT infrastructure and system security and to provide recommendations for improving security.

Desktop-GFbankas01-3-e1699960164195
Desktop-GFbankas02-e1699961135427

Solution

During the project, our team conducted multiple authorised and unauthorised penetration tests of the client’s information systems and infrastructure. That included penetration testing of the information system’s internal server subnet, external penetration testing, and cloud security assessment.

Moreover, we executed frontend and backend vulnerability assessment, API penetration testing with authorised user access, evaluation of cloud environment configuration, security checks of internal equipment, and vulnerability assessment of external assets.

Lastly, Baltic Amadeus presented a comprehensive report to the GFB team. The report included an explanation of all identified areas of improvement for remedial action and an in-depth technical review with misconfigurations, vulnerabilities, risks, and a description of vulnerability exploitation scenarios. Additionally, the security assessment helped the client to adhere to regulatory compliance and security standards.

Added value

The security assessment gave GFB insights into potential risks to its systems and data from a hacker’s viewpoint. It also strengthened the prevention of security incidents and financial losses caused by them.

Also, the report enabled the client’s team to clearly understand their cyber security situation and take steps to improve their security posture.

Top-quality penetration test was executed by certified and highly skilled ethical hackers who hold CEH, CISA, CISSP, CDPSE, OSCP, CREST CRT and ITIL certifications. In addition, the Baltic Amadeus team continues to help to ensure GFB’s cyber security as a technology partner.

Desktop-GFbankas03-e1699961162998

Aptarkime naujas galimybes jums

Norite pasikonsultuoti ar turite papildomų klausimų? Susisiekite jums patogiu būdu jau šiandien.

Rezervuoti laiką

+370 5 2 780 400
info@ba.lt

     privatumo politika

    Kiti projektai

    Įgyvendintas IT saugumo ir BDAR atitikties vertinimas tarptautinei hostingo paslaugų teikėjai

    Hostinger

    Unikalus kasdienės bankininkystės sprendimas kredito unijoms

    KREDA

    Aukšto įvertinimo sulaukusi mobilioji programėlė skirta Baltijos šalių skaitmeninių paslaugų bendrovei

    Bitė

    PSD2 pagrindu veikiantis mobiliosios bankininkystės sprendimas

    LCKU

    Mobilusis bankas

    AD DNB BANKAS

    Laivų veiklos analizės sistema

    AB Shippersys

    Krizinių situacijų valdymo sistema

    MAGENTA APS

    Savitarnos svetainė

    UAB Technologijų ir inovacijų centras

    E-komercijos sprendimas laivybos sektoriui

    AS Star Information Systems

    Komunikacijos platforma FamWeek

    C-EFFECTIVE

    Lizingo paraiškų sistema

    AB DNB Bankas

    Vieninga komunikacijos platforma

    SimCom AS

    Interneto svetainė aviacijos muziejui

    Newton Flight Academy

    Duomenų vizualizacijos sprendimas

    Newton Flight Academy

    Rytojus priklauso lyderiams. Siekiate jais būti? SUSISIEKITE >