FractalScan Surface used for Which? banking survey

10 February 2023
|
1 min Read
|
David Griffiths
Start Free Trial

We’ve worked again with Which? (aka the Consumers’ Association) to undertake an in-depth study into the cyber security posture of the UKs leading banks, focussing specifically on their online and app security. This was performed by our world-class cyber security consulting team at Red Maple Technologies.

Use of FractalScan Surface for the study

Our consulting team used FractalScan Surface extensively for this study, to automate what would otherwise have been a very laborious task of online asset discovery (often call ’enumeration’), and the matching of finding against known vulnerabilities and configuration errors.

Two key areas we used FractalScan Surface for in the study were:

  • Websites - to scan the websites and public assets of all the organisations testing for such things as any sensitive ports and services, for out-of-date components in web applications, TLS misconfiguration or expired certificates.
  • Email configuration - to test the SPF, DKIM and DMARC settings and configurations of the main sending domains for each bank.

You can find the final Which? report on their website here: Which banks have the best online and app security?

We have also written a more detailed blog where we discuss how we conducted the testing and what was included.

FractalScan Surface Summary Results

About David Griffiths
David is Red Maple Technology's Chief Technology Officer, and one of our co-founders. He has 25 years' experience of leading, developing and architecting complex technical systems across the Defence, Government and Commercial sectors. David is a cyber security and cloud infrastructure specialist, with a rich background in agile methodology and modern software development technologies, covering a broad range of environments from embedded systems to web applications.
David Griffiths

FractalScan Surface is trusted by companies worldwide

Which? Consumers' Association logo Haas Automation Inc. logo VTS logo Bland Group logo DIGI2AL logo Tyburn logo University of Gibraltar logo IONOS logo Kiris logo Xdia logo Varadius logo

What our customers say

  • Haas Automation Inc. logo

    "FractalScan Surface is an impressive tool that we use to monitor our external cyber risks and those of our dealers worldwide. We've even used it to perform due diligence security checks on third-party suppliers.

    I appreciate the easy-to-understand summary views, and my team likes that the daily scans automatically reflect their ongoing risk mitigation efforts.

    I'd really encourage other companies to use this tool and start tracking their cyber risks."

    Ken Shannon
    IT Security Manager, Haas Automation Inc.
  • VTS logo

    "As one of the first beta testers for FractalScan Surface, we've seen the product maturing into a comprehensive tool for monitoring our attack surface. We were then very happy to sign-up to the Premium Tier of FractalScan, adding to our security tool suite. I find FractalScan's user interface easy to use, allowing us to efficiently identify new risks and changes in our attack surface.

    FractalScan's capability to mark domains hosted on shared cloud services gives us the ability to remove risks associated with IP addresses which are not part of our infrastructure, allowing us to focus our resources. The consultancy we've had from the professional services team at Red Maple Technologies confirms the credibility and background of the team building FractalScan. I'm excited to see what's coming next for FractalScan."

    Robin Craib
    Staff Information Security, VTS.
  • Formula 1 text logo

    "FractalScan Surface has been great for discovering our online-visible assets and exposures, allowing us to make some immediate improvements to reduce our cyber risk."

    Daily scanning enables us to keep on top of our external attack surface, which is particularly important to us since we have complex digital content output.

    FractalScan gives us the view on our data we didn't have."

    CIO of an F1 Team