We’ve worked again with Which? (aka the Consumers’ Association) to undertake an in-depth study into the cybersecurity posture of the UKs leading banks, focussing specifically on their online and app security. This was performed by our world-class cyber security consulting team at Red Maple Technologies.
Use of FractalScan Surface for the study
Our consulting team used FractalScan Surface extensively for this study, to automate what would otherwise have been a very laborious task of online asset discovery (often call ’enumeration’), and the matching of finding against known vulnerabilities and configuration errors.
Two key areas we used FractalScan Surface for in the study were:
- Websites - to scan the websites and public assets of all the organisations testing for such things as any sensitive ports and services, for out-of-date components in web applications, TLS misconfiguration or expired certificates.
- Email configuration - to test the SPF, DKIM and DMARC settings and configurations of the main sending domains for each bank.
You can find the final Which? report on their website here: Which banks have the best online and app security?
We have also written a more detailed blog where we discuss how we conducted the testing and what was included.
|
David is Red Maple Technology's Chief Technology Officer, and one of our co-founders. He has 25 years' experience of leading, developing and architecting complex technical systems across the Defence, Government and Commercial sectors. David is a cyber security and cloud infrastructure specialist, with a rich background in agile methodology and modern software development technologies, covering a broad range of environments from embedded systems to web applications. |
