Penetration Testing Against Information Security Risks for ING Bank

ING Bank Ukraine logo

Location:

Ukraine

Industry:

Banking & Finance

Employees:

63 000+ (global)

About the Customer:

Headquartered in Amsterdam, Netherlands, The ING Group is a global financial corporation with 150-year background. ING Bank’s more than 63,000 employees offer retail and commercial banking services to over 32 million private, corporate and institutional clients in over 40 countries. ING Wholesale Banking Ukraine is a full subsidiary of ING, a leading global financial institution with a strong European base.

Business Challenge

Aiming to enhance the protection of the online services against cyber attacks, ING Bank Ukraine needed to identify all security weaknesses of the utilized web applications and mitigate the risk of misusing the network services.

As a security consultant, Infopulse needed to:

  • Perform the evaluation of security risks for the business-critical web applications and network services;
  • Provide detailed recommendations on the improvement of information systems’ security level.
Penetration Testing Against Information Security Risks for ING Bank - Case Image

Solution

The security testing approach suggested by Infopulse was based on the OWASP security testing guidelines.

Infopulse presented a complex solution to ING Bank Ukraine, which included:

  • Analysis of the information from public resources;
  • Vulnerability Assessment: discovering all vulnerabilities in the target web and application servers with the use of known automated tools, e.g. Web Inspect, and the developed specific tests;
  • Black Box and White Box penetration testing;
  • Controlled hacking of the target systems by experts certified in information security, with the aim to confirm the identified vulnerabilities and discover the undetected ones.

Technologies

Offensive Security logo
Offensive Security
OSSTMM logo
OSSTMM
OWASP logo
OWASP
SANS logo
SANS
ISACA logo
ISACA
ISSAF logo
ISSAF
and many others

Results

  • Black Box and White Box penetration testing reports;
  • A detailed report comprising the list of vulnerabilities and configuration weaknesses, which could be exploited in the network access points;
  • Recommendations on countermeasures;
  • Informing the bank’s management team on the existing information security risks.

Customer Quote

quotes image
Nowadays the majority of processes in the banking sphere are computerized, and information systems security level is an important indicator of the reliability of a financial establishment. Paying particular attention to the protection of our clients’ and partners’ confidential information, ING Bank Ukraine regularly conducts security audits and chooses contractors carefully. Infopulse provided the security risks evaluation and presented the detailed recommendations on the improvement of our information systems’ security level.
image of person
Alexandr Matsera
Senior Officer of the Informational and Operational Risk Management Department at ING Bank Ukraine

Related Services

We have a solution to your needs. Just send us a message, and our experts will follow up with you asap.

Please specify your request

Thank you!

We have received your request and will contact you back soon.