AWS Penetration Testing Gives In-Depth Cyber Risk Insight to Specialist Bank
- Ranjith Manne

- Sep 16, 2025
Having previously used other providers to perform penetration testing, a bank commissioned Kroll to take a fresh approach to its information security by uncovering vulnerabilities that may have been overlooked by the other testers. Kroll’s support has given the bank the additional insight and guidance it needs to ensure the security of its estate and better meet its compliance obligations.
The Challenge
A specialist bank recognized that it needed to review its approach to cyber security to adapt to digital transformation and the rapidly evolving threat landscape. The bank processes a high volume of sensitive data, making it an attractive target for cybercriminals. It was also concerned that its security risk had grown because of a recently launched online banking portal and an increasing number of workloads moving to the Amazon Web Services cloud.
Because it wanted to review its approach to uncovering vulnerabilities, the bank recognized the need to undertake penetration testing in addition to that already performed by other companies. The bank recognized that Kroll’s offensive security expertise would provide the in-depth insight it needed and further support its compliance with the requirements of the Financial Conduct Authority, the Prudential Regulation Authority and the GDPR. This initiative would build on the already-strong relationship the bank had with Kroll as a subscriber to its Kroll Responder managed detection and response (MDR) service.

“The penetration testing that Kroll performed provided some very credible findings and outlined clear improvements that we were able to implement. The whole process raised the bar of our cybersecurity defenses.” – Head of Cybersecurity, specialist bank
Kroll's Solution
Over the course of a week, Kroll’s team of CREST-accredited pen testers performed a range of tests to assess every element of the bank’s network. The focus was on establishing the extent to which hackers could gain unauthorized access to the bank’s critical systems and data. The six phases of testing covered internal infrastructure testing, external infrastructure testing (assessing security from the viewpoint of a potential hacker), web application testing, build testing, configuration testing and a firewall review.
Undertaking tests both on-premises and remotely at the same time, the Kroll team liaised closely with the bank’s Cybersecurity Manager and IT Manager to complete the process smoothly without impacting the bank’s business operations. In doing so, the team uncovered a number of threats previously overlooked by other pen testers. These included default legacy protocols within the network that hadn’t been updated and a number of weak configurations, including one which had been set up by a third-party supplier.
High-quality Remediation Advice
Kroll’s focus was not just on finding vulnerabilities but on helping the bank to remediate them. As well as searching for and uncovering specific vulnerabilities, the team provided tailored advice, detailing how the bank could address weaknesses and mitigate risks.



