Our client was a large Australian based financial services organisation with multiple customer facing services, including web portals, mobile apps and APIs. 

To provide assurance that the systems are secure, penetration testing was conducted to identify any vulnerabilities and risks, followed by implementation of required updates and fixes. 

The project encompassed: 

• Defining scope and requirements for testing fieldwork to be performed 

• Selection of a specialist security service provider to conduct the testing 

• Completion of procurement and commercials for engagement of the service provider 

• Managing and collaborating with the service provider during execution of field work 

• Engaging with all internal business and product owner stakeholders 

• Reporting progress and alerts for any critical vulnerabilities identified 

• Capture of all test results and findings into JIRA 

• Prioritisation of remediation activities based on the level of risk for each vulnerability 

• Review all findings with the development teams and agreement of delivery dates 

• Track and manage the delivery of updates, improvements and fixes 

• Re-testing for key vulnerabilities to confirm closure of the risk 

Penetration testing provides valuable insights into how secure your digital platforms really are, and they should be conducted regularly to ensure that you have the defences in place to prevent intrusions, data breaches, denial of service attacks (DDOS) and other cyber security incidents.

Read more about our Program and Project Management services.