Banking Dive: Banks engage in self-hacks to keep defenses sharp
On Mar. 9, 2020, NetSPI President and COO Aaron Shilts was featured in Banking Dive.
The next level of self-hack is conducted at a more enterprise level, called red team testing.
There are a few variations of the approach. In one, red-team testers adopt the tactics of a specific, known threat actor and try to achieve a specific objective against a chosen target.
Red teaming is typically done by banks that are at a higher level of security maturity overall, said Wong.
The value of penetration testing over simply using scanning software is that you’re adding humans to the mix, said Aaron Shilts, president and COO of vulnerability assessment firm NetSPI.
“If we were bad guys, you know, what would we use to get in?” Shilts told ABA. “How could we get in? What do their defenses really look like? With limited information, it’s kind of a good way to simulate how accessible the crown jewels are from the outside.”
Read the full article here.
Explore More News
NetSPI Named Sample Vendor in 2025 Gartner® Hype Cycle™ for Application Security
NetSPI announces its inclusion in the Gartner Hype Cycle for Application Security 2025, highlighting its innovative solutions and industry leadership.
Media Alert: NetSPI Named a Finalist in Penetration Testing Category for the Top InfoSec Innovator Awards, 2025
NetSPI is named a finalist in the Penetration Testing category for the Top InfoSec Innovator Awards 2025.
SC Media: Compromised at the Core: Why Identity Remains Cyber’s Biggest Flaw
Nick Walker, Regional Director, EMEA at NetSPI, in an article published in SC Magazine, warns that identity compromise, not exotic malware, remains the most dangerous weakness in enterprise cybersecurity.