English
  • Russian
  • Korean
  • Support
Positive Technologies
English
  • Russian
  • Korean
  • Solutions
    ICS/SCADA

    Critical infrastructure on the frontline

    Protection from targeted attacks (anti-apt)

    Early detection, rapid investigation

    Security Compliance

    Turn policies into protection

    Vulnerability Management

    Stop being an easy target

    Utilities

    Industrial-grade cybersecurity

    Financial Services

    Can your security keep up with you?

    ERP Security

    Take control of your ERP security

    View all →
  • Products
    MaxPatrol

    Vulnerability and compliance management system.

    PT Application Inspector

    Source code analysis tool.

    PT Sandbox

    Advanced sandbox with customizable virtual environments

    PT MultiScanner

    Multilayered protection against malware attacks.

    MaxPatrol SIEM

    Knows your infrastructure, delivers pinpoint detection.

    PT ISIM

    Cyberthreat detection and incident response in ICS.

    XSpider

    Vulnerability scanner.

    PT Application Firewall

    Intelligent protection of business applications.

    PT Network Attack Discovery

    NDR system to detect attacks on the perimeter and inside the network.

    MaxPatrol SIEM All-in-One

    Full-featured SIEM for mid-sized IT infrastructures

    View all →
  • Services
    ICS/SCADA Security Assessment

    Full Range of ICS-specific Security Services

    Mobile Application Security Services

    Security Analysis and Compliance Audit

    Penetration Testing

    A Comprehensive Approach

    ATM Security Assessments

    Uncover Your Weaknesses

    Custom Application Security Services

    Independent Expert Analysis of Your Source Code

    Forensic Investigation Services

    Prevent Future Incidents

    Web Application Security Services

    Black Box and White Box Analysis

    SSDL Implementation

    Secure Application Development at Your Organization

    Advanced Border Control

    Upgrade Your View of Perimeter Security

    View all →
  • Analytics
    Threatscape
    PT ESC Threat Intelligence
    Cybersecurity glossary
    Knowledge base
    Research Blog
    View all →
  • Partners
    Authorized Partners
    Distributors
    Technology Partners
    View all →
  • About
    Clients
    Press
    News
    Events
    Contacts
    Documents and Materials
    View all →
Menu
  • Home
  • Solutions
  • Financial Services

Financial Services

With governments turning up the regulatory heat on banks and financial services companies, coupled with the demand for mobile banking applications, it’s time for financial organizations to rethink their cybersecurity and compliance strategy. Our comprehensive approach to security for banks and other financial institutions includes penetration and online banking security testing, ATM security assessments, and SSDL consulting.

Experts in Protecting Financial Systems
Resources
Video
Contact us

Can Your Security Keep Up with You?

The financial services industry is a recognized leader in IT innovation, but many organizations are failing to scale up their security measures to deal with the ever-growing risks involved.

Due to the large amounts of money at stake, hackers are looking to exploit any weaknesses—not only in your IT network and system infrastructure, but also in your core banking systems (CBS), Internet banking applications, ATMs, and point-of-sale (POS) terminals.

With governments turning up the regulatory heat on banks and financial services companies, coupled with the demand for mobile banking applications, it’s time for financial organizations to rethink their cybersecurity and compliance strategy.

Experts in Protecting Financial Systems

For over a decade, Positive Technologies has been conducting security and compliance assessments for dozens of leading banks around the world, giving us unique insights into the practical challenges involved in securing these types of systems.

Our security researchers are continually in the field learning about the latest threats and banking systems in order to keep our customers ahead of emerging dangers.

Our security specialties provide in-depth analysis to financial organizations including penetration testing, development of CBS hardening guides, secure software development lifecycle (SSDL) consulting, and security and compliance assessments of ATMs, POS terminals, banking applications, and even SAP.

Our comprehensive approach to security for banks and other financial institutions includes:

  • Penetration testing:
    • Identifying existing vulnerabilities, showing ways to exploit them, and measuring your staff’s level of security awareness to demonstrate how hackers could circumvent your existing security mechanisms or persuade users to sidestep security policies
  • Online banking security assessments:
    • Gray-box web application security testing for online banking system analysis from the perspective of an intruder with no access to the application (no user-level access)
    • White-box web application security testing including analysis of web application source code and architectures
  • ATM security assessments:
    • Preliminary ATM audit to obtain general information on the system, analyze the main system components, identify hardware and software versions, test network communications and protocols, and scan for vulnerabilities
    • Security assessment of ATM hardware and software components includes finding known and zero-day vulnerabilities and developing exploit tools to verify vulnerabilities and demonstrate possible attacks
  • SSDL сonsulting:
    • Our Secure Software Development Lifecycle (SSDL) consulting service helps organizations introduce the procedures necessary for secure application development, including infosec training, security policy and risk assessment development, how to write secure code, code review and audit methods, deployment, and incident response

Resources

Case Study—Zitouna
Case Study—Societe Generale
Case Study—Intesa Sanpaolo
Banking Security and Compliance

System-Wide Security with MaxPatrol

Cybercriminals will use any crack they can find to crawl in and attack your organization. So you need to be able to see into all your systems—not only a few. MaxPatrol is a single solution that provides black-box and white-box identification of vulnerabilities and configuration defects within all your applications, databases, network, and operating systems, including your CBS, online banking portals, and ATMs.

The technical checks built in to MaxPatrol rapidly gauge your level of compliance with standards including PCI DSS, ISO (27001:2005, 27002, 27011:2008), and SOX. You can also easily add your own custom checks for compliance with internal corporate standards or those mandated where you do business.

Let MaxPatrol automate your quarterly PCI DSS assessments of all perimeter systems and applications involved in payment card transactions, so you can fix vulnerabilities and generate Approved Scanning Vendor (ASV)–compliant reports.

Video

January 5, 2015
Financial Technologies—Ensuring Stock Exchange Availability

Application Security: Banking’s New Frontline

The Verizon 2014 Data Breach Investigation Report (DBIR) identified web application attacks as the number-one threat to the financial sector. Not a surprise really, given the rapid development cycles and large number of applications used by most banks. What should you do when your developers lack the advanced knowledge required to defend your applications from vulnerabilities and exploits?

PT Application Firewall and PT Application Inspector deliver a comprehensive, modern answer to today’s application security challenges. With features not found in other solutions, Positive Technologies products make it possible for financial institutions to protect both their internal- and external-facing applications from attacks, stop fraud and leaks of sensitive data, and prevent the collapse of networks and services.

The risks are high. You need a partner who knows banking and financial services data security. You need Positive Technologies.

News

April 4, 2019 Positive Technologies: attackers can access personal data and other sensitive information in every online bank
March 18, 2019 Positive Technologies: healthcare institutions received more attacks than the finance sector in 2018
May 21, 2018 New Positive Technologies Report: How Hackers Rob Banks
All news →

Contact us

By clicking Send you give your free and explicit consent to process your personal data and agree to our Privacy Policy

Company Services

  • ICS/SCADA Security Assessment
  • ATM Security Assessments
  • Web Application Security Services
  • Mobile Application Security Services
  • Custom Application Security Services
  • SSDL Implementation
  • Penetration Testing
  • Forensic Investigation Services
  • Advanced Border Control

Company Products

  • PT Sandbox
  • MaxPatrol SIEM All-in-One
  • XSpider
  • PT Network Attack Discovery
  • MaxPatrol SIEM
  • MaxPatrol
  • PT Application Firewall
  • PT Application Inspector
  • PT ISIM
  • PT MultiScanner
Solutions
  • ICS/SCADA
  • Vulnerability Management
  • Financial Services
  • Protection from targeted attacks (anti-apt)
  • Utilities
  • ERP Security
  • Security Compliance
Products
  • MaxPatrol
  • MaxPatrol SIEM
  • PT Application Firewall
  • PT Application Inspector
  • PT ISIM
  • PT Network Attack Discovery
  • PT Sandbox
  • XSpider
  • MaxPatrol SIEM All-in-One
  • PT MultiScanner
Services
  • ICS/SCADA Security Assessment
  • ATM Security Assessments
  • Web Application Security Services
  • Mobile Application Security Services
  • Custom Application Security Services
  • SSDL Implementation
  • Penetration Testing
  • Forensic Investigation Services
  • Advanced Border Control
Analytics
  • Threatscape
  • PT ESC Threat Intelligence
  • Cybersecurity glossary
  • Knowledge base
  • Research Blog
Partners
  • Authorized Partners
  • Distributors
  • Technology Partners
About
  • Clients
  • Press
  • News
  • Events
  • Contacts
  • Documents and Materials
Positive Technologies
Copyright © 2002-2021 Positive Technologies
Find us:
  • Terms of Use
  • Privacy Notice
  • Cookie Notice
  • Positive Coordinated Vulnerability Disclosure Policy
  • Sitemap
Copyright © 2002-2021 Positive Technologies
  • Terms of Use
  • Privacy Notice
  • Cookie Notice
  • Positive Coordinated Vulnerability Disclosure Policy
  • Sitemap