In-depth penetration testing for a specialised Lithuanian bank

The Bank of Lithuania closely monitors financial institutions to ensure the safety and soundness of the banking system. This helps protect depositors and investors and promotes financial stability in the country.

The Bank of Lithuania requires financial institutions to undergo annual ICT risk and security assessments, including penetration testing, as part of this monitoring and continuous security improvement.

This case study showcases the successful partnership between GENERAL FINANCING BANKAS (further – GFB) and Baltic Amadeus, where we provided penetration testing to identify areas of security improvement for GFB.


GENERAL FINANCING BANKAS is a Lithuanian bank that offers a variety of financial products and services, such as savings accounts, consumer loans and term deposits.

Moreover, GFB has a network of branches throughout Lithuania. The bank is committed to providing its customers with fast, efficient, and, most importantly, safe services. Therefore, GFB performs security assessments to ensure digital protection every year.

GFB looked for an IT partner with a team of certified cyber security experts and proven penetration testing expertise. Thus, Baltic Amadeus has proposed IT consulting and penetration testing services to evaluate GFB’s ICT infrastructure and system security and to provide recommendations for improving security.



During the project, our team conducted multiple authorised and unauthorised penetration tests of the client’s information systems and infrastructure. That included penetration testing of the information system’s internal server subnet, external penetration testing, and cloud security assessment.

Moreover, we executed frontend and backend vulnerability assessment, API penetration testing with authorised user access, evaluation of cloud environment configuration, security checks of internal equipment, and vulnerability assessment of external assets.

Lastly, Baltic Amadeus presented a comprehensive report to the GFB team. The report included an explanation of all identified areas of improvement for remedial action and an in-depth technical review with misconfigurations, vulnerabilities, risks, and a description of vulnerability exploitation scenarios. Additionally, the security assessment helped the client to adhere to regulatory compliance and security standards.

Added value

The security assessment gave GFB insights into potential risks to its systems and data from a hacker’s viewpoint. It also strengthened the prevention of security incidents and financial losses caused by them.

Also, the report enabled the client’s team to clearly understand their cyber security situation and take steps to improve their security posture.

Top-quality penetration test was executed by certified and highly skilled ethical hackers who hold CEH, CISA, CISSP, CDPSE, OSCP, CREST CRT and ITIL certifications. In addition, the Baltic Amadeus team continues to help to ensure GFB’s cyber security as a technology partner.


Aptarkime naujas galimybes jums

Norite pasikonsultuoti ar turite papildomų klausimų? Susisiekite jums patogiu būdu jau šiandien.

Rezervuoti laiką

+370 5 2 780 400

    Kiti projektai

    Rytojus priklauso lyderiams. Siekiate jais būti? SUSISIEKITE >