comprehensive vulnerability report across 13 parameters
issues found and fixed
reduced operational costs by up to 40 percent
Though the entire business world is now in an arms race against increasingly sophisticated threats, the financial sector remains a particularly lucrative target for cyberattacks. As a leading digital banking platform, EBANQ processes vast amounts of sensitive and confidential data, so the company needed to fortify its security measures. Already working with Vention’s team, EBANQ knew we would be its key ally in reaching this goal.
First off, we performed a range of penetration tests to identify potential loopholes in the company’s web and mobile apps. Almost immediately, we moved on to a full-scale technical audit, giving EBANQ a 360-degree view of its overall security status.
Next, we integrated DevSecOps tools and OWASP dependency checks into the client’s CI/CD pipeline to enable real-time vulnerability detection. Once we had conducted an extensive analysis of the new infrastructure, our team developed a robust security roadmap to give EBANQ clear guidance on how to proactively respond to arising issues — all in full compliance with PCI DSS and ISO 27001.
Finally, our team automated daily DevOps tasks using tools like Jenkins, Terraform, and Bash, significantly saving operational time by at least 50 percent. We also streamlined database security using Vault for secrets rotation in Kubernetes and ensured fair distribution of cluster costs among clients using Kubecost.
Our efforts paid off for other projects, too: With our infrastructure recommendations in place, Vention’s development team could quickly migrate the platform to a modern Golang stack and microservice architecture, maximizing the system’s scalability and performance.
Tools & technologies
Cloud platforms and services:
AWS (Amazon Web Services) components like:
AWS Load Balancer Controller
Amazon EBS CSI driver
Container orchestration and related tools:
Kube Prometheus Stack
Configuration management and automation:
The Vault Secrets Operator
Web Server: Nginx
Open Policy Agent