About Total Expert

Total Expert is the leading fintech software company that delivers purpose-built CRM and customer engagement for modern financial institutions. The Total Experience Platform unifies data, marketing, sales, and compliance solutions to provide a cohesive experience across the customer lifecycle. Total Expert turns customer insights into actions to increase loyalty and drive growth for banks, lenders, credit unions, and other financial services firms.

Visit www.totalexpert.com to learn more.

NetSPI Solutions

Penetration Testing as a Service (PTaaS)



Employee Count



Minnesota, United States

The challenge

As a software as a service (SaaS) platform in the financial space, the information that Total Expert stores is highly valuable. They needed to make sure that it is secure and that their customers know that it’s secure. To help build and maintain that trust, Total Expert sought out a fresh perspective for its application security program and ultimately chose to engage with NetSPI for application penetration testing

When asked what makes cybersecurity a unique challenge for Total Expert, Director of InfoSec Matt Black explained, “Cybersecurity is a unique challenge not just for Total Expert, but for any company. In this space, you always have to try and stay a step ahead of people who are attempting to find vulnerabilities, to get in, and perform malicious acts against you. It’s an ever-evolving target. NetSPI gives us the opportunity to have another group of people who are helping us. We have to be on all of the time and you only have to slip up once and you erode the trust. NetSPI helps us build that trust.”

Why Total Expert works with NetSPI

  1. NetSPI helps Total Expert understand their software security program: “We have a good understanding of where we are, where we have room for improvement, and what process changes we can make internally,” said Matt. The continual engagement and application testing that Total Expert gets from NetSPI helps them know that the software they’re developing and delivering is going to be safe and secure.
  2. NetSPI’s intuitive PTaaS platform, ResolveThrough Resolve, Total Expert can see the health and history of its last test, open findings and that status of anything outstanding, and how programs and projects have progressed over time. Matt describes Resolve as “intuitive” given its ability to generate reports, check status, and help Total Expert understand what vulnerabilities are being discovered and what the potential mitigations are.
  3. The pentesting team is engaged and responsive: According to Matt, the NetSPI pentesting team has done a great job working with Total Expert and understanding its software – knowing how the platform works, participating in demos, and reading documentation. He also noted the responsiveness of the NetSPI team during their business day as a plus. They were able to turn things around in hours, not over two or three days.

Considering working with NetSPI? Here’s what Matt would tell you

“If you’re looking for the opportunity to work with a company who really understands the penetration
testing space, and was really forward looking and how they do it, NetSPI’s a great option to go with.

In addition to just the penetration testing services, they have other offerings out there with code reviews and analysis, it really is the full package to help build out a program and augment what you’re doing internally. There’s always potential to go further and go deeper with how we’re working with NetSPI.”