With a truly global presence, this financial leader creates customized solutions that help their clients turn their goals into realities. The company serves corporations, governments, and other financial institutions, as well as individual high-net-worth customers. They take pride in their deep knowledge and expertise in multiple sectors, as well as their culture of consistent innovation.

€9.5

billion net revenue

38

countries with branches

The problem

With offices in 38 countries and more than 16,000 employees, this large financial institution served a wide range of unique clients, including extremely wealthy individuals and foreign governments. Nearly all of the expansive amount of information they held on their system was highly sensitive: bank account numbers, private corporate financial data, even home addresses for billionaires and international celebrities. Naturally, ensuring the system’s security was impenetrable was top priority. So, when a routine penetration test revealed that a public-facing app was highly vulnerable to a structured query language injection (SQLi) attack, there was no time to waste.

In these types of attacks, hackers manipulate databases to reveal the most sensitive types of information. In a worst case scenario, the hacker could even gain administrative rights to the database—a scenario the financial institution had to avoid in order to protect their customers, and themselves. It was clear that an institution of their size, boasting a roster of clients with very large bank accounts, was an irresistible and incredibly lucrative target. They knew an attack was imminent. And, they knew RedShield could save them.

The solution

In less than a day, RedShield produced a shielding plan to protect the financial institution’s system from SQLi attacks. The solution transformed all user input to text, disarming an attempted attack. At the same time, it wouldn’t block any legitimate users.

The results

A third-party security expert conducted penetration testing, and confirmed that the RedShield approach was effective. A second expert even attempted to simulate an attack, and failed miserably. RedShield successfully completed a full deployment, and the financial institution, their customers, and their livelihood were all protected.
Once again, RedShield was ahead of the hackers—way ahead.

Today, RedShield continues to stand guard:

  • Monitoring the firm’s tools and systems 24/7
  • Auditing the application defenses weekly
  • Responding to any customer queries or application updates
  • Delivering monthly analyst reports

“RedShield responded with the speed and accuracy that we needed. Dual confirmation from security audit companies has given us confidence in their shields. The fact that no customers can be blocked by mistake is also a bonus, and something I was not aware was possible before this engagement.”

— Financial Institution Executive

Next article: Securing a Third-Party App That Can’t Be Touched
All Case studies

See how we can shield your web applications and APIs

Get your free trial or talk to one of our experts.

Free trial
or
Talk to us