
NetSPI Financial Practice

Financial organizations are targets for fraud, intrusion, and information abuse. NetSPI has the experience and insight needed to establish and maintain enterprise security for financial organizations. We deliver proactive and responsive security services, reducing risk and increasing revenue while helping you meet compliance requirements such as GLBA, FFIEC, FTC, and PCI.

NetSPI Services to Financial Institutions

Application Security Assessment/Secure Code Review

  • Minimizing risk within applications through multi-layer testing:
    vulnerability, penetration, and code-level review.
  • Database and data warehouse security assessments.

Third-Party Risk Analysis

  • Assessing protection of confidential data in relationships with third-party service providers, partners, and data programs.
  • Evaluating third-party risk by reviewing programs, services, and technologies.

Process/Social Engineering Testing

  • Conducting mock email and web-based phishing exercises to determine your organization's ability to detect and respond to an attack.
  • Phone-based social engineering and onsite premises penetration testing to identify weaknesses within your authorization and access processes.
  • Reviewing business processes and finance-related practices to identify potential exposure of confidential information.

Risk-Based Enterprise Security Assessment

  • Classifying assets based on criticality and processing or storage of sensitive information.
  • Assessing organizational risk through program, compliance and technical review.
  • Evaluating program effectiveness, identifying gaps, and developing plans to reduce organizational risk related to information systems.
  • Incorporating infrastructure review and testing such as network architecture, firewall, IDS review and multi-layer penetration testing.

PCI Consulting and Audit

  • PCI pre- and post-audit consulting.
  • PCI PA-DSS auditing.
  • External (ASV) & internal vulnerability scanning, penetration testing, code review, and firewall rule-set reviews.
  • PCI audit data/report consolidation.