Services
Insights
Software Engineering
IT Consulting
Artificial Intelligence
Progress OpenEdge
Cloud
As a financial service provider, Orion Securities performs regular security check-ups not only to meet regulations in EU Regulations but also ensure safe, stable, and timely services for investors amid rising global cyber threats. We are happy to collaborate with Orion Securities again – this time implementing an independent IT security audit.
Orion Securities is an investment firm providing full range of investment services including intermediation in financial markets, investment banking, private banking & wealth management, securities services, and fund depositary. Their clients are high-net-worth individuals, corporate customers and asset managers. They do operate under Full Scope EU Investment Firm License issued by the Bank of Lithuania. As a financial services company, Orion Securities prioritises information security. Regular security assessments are conducted to fortify resilience against cyber attacks and uphold data protection.
Building on our successful past collaboration with Orion Securities, the client reached out to us for their security needs. In response, we provided and implemented authorised penetration testing.
We conducted comprehensive penetration testing, covering frontend, backend, and authorised user access for APIs. Our team evaluated internal network security, conducting checks on the client's internal equipment, applications, operating systems, and servers. This encompassed scrutinising network user enumeration, privilege escalation, AD security, and potential login data interception.
Our cyber security team also conducted OSINT, enumerating company email addresses, examining publicly available client IPs, and scrutinising communication with external systems. Lastly, we performed an automated vulnerability assessment for both external and internal IT infrastructure, including web applications.
Following the penetration testing, we delivered a detailed report to the client, explaining the results and providing an overall analysis of their security situation. This report offers easy-to-understand insights for the client's IT team.
The completed report clearly describes areas that need improvements and offers step-by-step recommendations on how to implement them. This provides guidance to the client's team in taking practical steps to enhance both external and internal network security for their IT systems.
Lastly, our team that implemented the project consisted of cyber security experts certified in CISSP, CDPSE, CISA, CEH, and CompTIA PenTest+. This underlined our commitment to providing top-tier security services for the client.
