
Security Testing to Identify Gaps Within a Security Program

A financial services Client wanted to validate various improvements and identify remaining gaps within their security program.

Identifying gaps for more secure applications
Financial Services

Practice Areas
  • Red Team / Blue Team / Purple Team Exercises

Our Client’s Challenge:

  • Security information and event management (SIEM) infrastructure elements were in place, but their coverage and the ability to manage alerts were unknown. For example, malicious activities and attacks might not have been caught by the current SIEM configuration, as its effectiveness had yet to be tested.
  • Our Client needed to understand the potential gaps between what a red team discovers (attacks) and what a blue team detects and observes (defence).

Our Approach:

  • Security Compass held planning meetings with our Client to understand the current landscape and the business needs for the existing SIEM solution. These meetings drove the choice of scenarios in which the red team could build and target specific attacks to test SIEM monitoring and blue team responsiveness.
  • Working with our Client, we developed test cases for each scenario in which a threat should be detected. These would help the blue team determine whether their SIEM solution was configured correctly: if it was, they should be able to detect the red team’s attack and respond.
  • Together, we ran the red team attacks in coordination with members of the Client's blue team to assess the effectiveness of the SIEM solution and its detection of potential attacks.

The Result:

  • Having invested heavily in software and tools to monitor and respond to security attacks, our Client was able to conclude which of their security enhancements were effective and which were ineffective in detecting and responding to threats.
  • Security Compass helped to identify weaknesses and gaps in our Client’s SIEM platform and provided strategic recommendations to optimize threat detection and response processes for the blue team.
  • This red team vs. blue team exercise helped our Client validate the investment made over the years to improve their response capability to attacks and their overall security posture.

Our Client was able to test the effectiveness of their security program in real time via a red team vs. blue team engagement. They were able to validate the investment made over the years to improve their response capability to attacks and their overall security posture.


Our Advisory services team has more than a decade of experience focused on Application Security. We take a flexible approach to your strategic security problems.

Whether you are a global enterprise looking for advice on security strategy and governance, a major financial institution seeking support on regulatory compliance and penetration testing activities, or a startup looking for high-quality assessments to give customers assurance for your business, we're here for you.

Our credentialed professionals are experts in how to break applications and fix code, who take pride in helping you succeed in your Secure SDLC and Secure DevOps programs. Contact us today to learn how we can help solve your organization’s application security challenges.