English
  • Russian
  • Korean
  • Support
Positive Technologies
English
  • Russian
  • Korean
  • Solutions
    ICS/SCADA

    Critical infrastructure on the frontline

    Vulnerability Management

    Stop being an easy target

    Financial Services

    Can your security keep up with you?

    Protection from targeted attacks (anti-apt)

    Early detection, rapid investigation

    PT Industrial Cybersecurity Suite

    PT ICS is an integrated platform for cyberthreat detection and response in industrial systems

    Utilities

    Industrial-grade cybersecurity

    ERP Security

    Take control of your ERP security

    Security Compliance

    Turn policies into protection

    View all →
  • Products
    MaxPatrol 8

    Vulnerability and compliance management system.

    MaxPatrol SIEM

    Knows your infrastructure, delivers pinpoint detection.

    PT Application Firewall

    Intelligent protection of business applications.

    PT Application Inspector

    Source code analysis tool.

    PT ISIM

    Cyberthreat detection and incident response in ICS.

    PT Network Attack Discovery

    NDR system to detect attacks on the perimeter and inside the network.

    PT Sandbox

    Advanced sandbox with customizable virtual environments

    XSpider

    Vulnerability scanner.

    MaxPatrol VM

    Next-generation vulnerability management system.

    MaxPatrol SIEM All-in-One

    Full-featured SIEM for mid-sized IT infrastructures.

    PT MultiScanner

    Multilayered protection against malware attacks.

    PT BlackBox

    Dynamic application security testing tool

    View all →
  • Services
    ICS/SCADA Security Assessment

    Full Range of ICS-specific Security Services

    ATM Security Assessments

    Uncover Your Weaknesses

    Web Application Security Services

    Black Box and White Box Analysis

    Mobile Application Security Services

    Security Analysis and Compliance Audit

    Custom Application Security Services

    Independent Expert Analysis of Your Source Code

    Penetration Testing

    A Comprehensive Approach

    Forensic Investigation Services

    Prevent Future Incidents

    Advanced Border Control

    Upgrade Your View of Perimeter Security

    View all →
  • Analytics
    Threatscape
    PT ESC Threat Intelligence
    Cybersecurity glossary
    Knowledge base
    View all →
  • Partners
  • About
    Clients
    Press
    News
    Events
    Contacts
    Documents and Materials
    View all →
Menu
  • Home
  • Solutions
  • Financial Services

Financial Services

Our comprehensive approach to security for banks and other financial institutions includes penetration and online banking security testing, ATM security assessments, and SSDL consulting.

Experts in Protecting Financial Systems
Resources
Video
Contact us

Can Your Security Keep Up with You?

The financial services industry is a recognized leader in IT innovation, but many organizations are failing to scale up their security measures to deal with the ever-growing risks involved.

Due to the large amounts of money at stake, hackers are looking to exploit any weaknesses—not only in your IT network and system infrastructure, but also in your core banking systems (CBS), Internet banking applications, ATMs, and point-of-sale (POS) terminals.

With governments turning up the regulatory heat on banks and financial services companies, coupled with the demand for mobile banking applications, it’s time for financial organizations to rethink their cybersecurity and compliance strategy.

Experts in Protecting Financial Systems

For over a decade, Positive Technologies has been conducting security and compliance assessments for dozens of leading banks around the world, giving us unique insights into the practical challenges involved in securing these types of systems.

Our security researchers are continually in the field learning about the latest threats and banking systems in order to keep our customers ahead of emerging dangers.

Our security specialties provide in-depth analysis to financial organizations including penetration testing, development of CBS hardening guides, secure software development lifecycle (SSDL) consulting, and security and compliance assessments of ATMs, POS terminals, banking applications, and even SAP.

Our comprehensive approach to security for banks and other financial institutions includes:

  • Penetration testing:
    • Identifying existing vulnerabilities, showing ways to exploit them, and measuring your staff’s level of security awareness to demonstrate how hackers could circumvent your existing security mechanisms or persuade users to sidestep security policies
  • Online banking security assessments:
    • Gray-box web application security testing for online banking system analysis from the perspective of an intruder with no access to the application (no user-level access)
    • White-box web application security testing including analysis of web application source code and architectures
  • ATM security assessments:
    • Preliminary ATM audit to obtain general information on the system, analyze the main system components, identify hardware and software versions, test network communications and protocols, and scan for vulnerabilities
    • Security assessment of ATM hardware and software components includes finding known and zero-day vulnerabilities and developing exploit tools to verify vulnerabilities and demonstrate possible attacks
  • SSDL сonsulting:
    • Our Secure Software Development Lifecycle (SSDL) consulting service helps organizations introduce the procedures necessary for secure application development, including infosec training, security policy and risk assessment development, how to write secure code, code review and audit methods, deployment, and incident response

Resources

Case Study—Zitouna
Case Study—Societe Generale
Case Study—Intesa Sanpaolo
Banking Security and Compliance

System-Wide Security with MaxPatrol

Cybercriminals will use any crack they can find to crawl in and attack your organization. So you need to be able to see into all your systems—not only a few. MaxPatrol is a single solution that provides black-box and white-box identification of vulnerabilities and configuration defects within all your applications, databases, network, and operating systems, including your CBS, online banking portals, and ATMs.

The technical checks built in to MaxPatrol rapidly gauge your level of compliance with standards including PCI DSS, ISO (27001:2005, 27002, 27011:2008), and SOX. You can also easily add your own custom checks for compliance with internal corporate standards or those mandated where you do business.

Let MaxPatrol automate your quarterly PCI DSS assessments of all perimeter systems and applications involved in payment card transactions, so you can fix vulnerabilities and generate Approved Scanning Vendor (ASV)–compliant reports.

Video

January 5, 2015
Financial Technologies—Ensuring Stock Exchange Availability

Application Security: Banking’s New Frontline

The Verizon 2014 Data Breach Investigation Report (DBIR) identified web application attacks as the number-one threat to the financial sector. Not a surprise really, given the rapid development cycles and large number of applications used by most banks. What should you do when your developers lack the advanced knowledge required to defend your applications from vulnerabilities and exploits?

PT Application Firewall and PT Application Inspector deliver a comprehensive, modern answer to today’s application security challenges. With features not found in other solutions, Positive Technologies products make it possible for financial institutions to protect both their internal- and external-facing applications from attacks, stop fraud and leaks of sensitive data, and prevent the collapse of networks and services.

The risks are high. You need a partner who knows banking and financial services data security. You need Positive Technologies.

News

April 4, 2019 Positive Technologies: attackers can access personal data and other sensitive information in every online bank
March 18, 2019 Positive Technologies: healthcare institutions received more attacks than the finance sector in 2018
May 21, 2018 New Positive Technologies Report: How Hackers Rob Banks
All news →

Contact us

By clicking Send you give your free and explicit consent to process your personal data and agree to our Privacy Policy

Company Services

  • ICS/SCADA Security Assessment
  • ATM Security Assessments
  • Web Application Security Services
  • Mobile Application Security Services
  • Custom Application Security Services
  • Penetration Testing
  • Forensic Investigation Services
  • Advanced Border Control

Company Products

  • MaxPatrol VM
  • PT Sandbox
  • MaxPatrol SIEM All-in-One
  • XSpider
  • PT Network Attack Discovery
  • MaxPatrol SIEM
  • PT BlackBox
  • MaxPatrol 8
  • PT Application Firewall
  • PT Application Inspector
  • PT ISIM
  • PT MultiScanner
Solutions
  • ICS/SCADA
  • Vulnerability Management
  • Financial Services
  • Protection from targeted attacks (anti-apt)
  • PT Industrial Cybersecurity Suite
  • Utilities
  • ERP Security
  • Security Compliance
Products
  • MaxPatrol 8
  • MaxPatrol SIEM
  • PT Application Firewall
  • PT Application Inspector
  • PT ISIM
  • PT Network Attack Discovery
  • PT Sandbox
  • XSpider
  • MaxPatrol VM
  • MaxPatrol SIEM All-in-One
  • PT MultiScanner
  • PT BlackBox
Services
  • ICS/SCADA Security Assessment
  • ATM Security Assessments
  • Web Application Security Services
  • Mobile Application Security Services
  • Custom Application Security Services
  • Penetration Testing
  • Forensic Investigation Services
  • Advanced Border Control
Analytics
  • Threatscape
  • PT ESC Threat Intelligence
  • Cybersecurity glossary
  • Knowledge base
Partners
About
  • Clients
  • Press
  • News
  • Events
  • Contacts
  • Documents and Materials
Positive Technologies
Copyright © 2002—2023 Positive Technologies. All Rights Reserved.
Find us:
  • Report a vulnerability
  • Help Portal
  • Terms of Use
  • Privacy Notice
  • Cookie Notice
  • Positive Coordinated Vulnerability Disclosure Policy
  • Sitemap
Copyright © 2002—2023 Positive Technologies. All Rights Reserved.
  • Report a vulnerability
  • Help Portal
  • Terms of Use
  • Privacy Notice
  • Cookie Notice
  • Positive Coordinated Vulnerability Disclosure Policy
  • Sitemap