Post Breach Protection of A Financial Portal | 1.0 | June 2019
Post Breach Protection of A Financial Portal
In the financial portfolio management business, the customer web portal is both critical to business continuity and customer experience and expensive to modify. All changes must be technically and commercially audited to protect customer information and meet regulatory requirements.
For this large, European financial management business, their customer portal was functioning well and business was good. However, after the company noticed a couple of suspicious transactions, a security audit was conducted and critical vulnerabilities were detected. In addition, the audit confirmed that malicious software was imbedded in their backend system and a data exfiltration was actively in progress. The portal was immediately taken offline and the malicious software investigated.
Attackers had exploited vulnerabilities and discussions with a software development company about a complete portal rebuild ensued. A multi-million-dollar GBP investment over 12 months was proposed. A chance meeting with a development subcontractor on the job resulted in a midnight phone call to RedShield.
Within 24 hours, RedShield reviewed the pen testing report and proposed fixes to all issues including 18+ custom logic shields. Agreement was reached and emergency deployment commenced.
RedShield deployed the solution to a RedShield European PoP in a matter of hours and simultaneously started the testing and solution certification procedure. After the initial emergency deployment, strict change management procedures were implemented and testing and management reports confirmed the robustness of the solution.
It is not really too much of a stretch to guess that RedShield saved our business. We were definitely saved from massive business disruption, and who knows where that would have ended. I’m really glad I had that beer with Jim when things were looking pretty bleak.
The customer portal was back online in just days much to the satisfaction of the company’s risk and security auditors. Customer attrition due to unavailability was managed. Costly and time consuming redevelopment and recertification was avoided.
RedShield experts continue to monitor the tools and systems 24/7, audit the application defenses weekly, respond to any customer queries and application updates, and provide monthly commented analyst reports.
RedShield is the world’s first and only web application shielding-with-a-service cybersecurity company. The RedShield shielding-with-a-service offering combines superior web application shielding software with industry-leading cybersecurity services. Powerful vulnerability intelligence, exploitation research and a prolific database of known exploits ensure the right shields are deployed quickly minimizing application downtime and costly remediation delays.