Why Solarisbank Values Agile Pentesting
Solarisbank is an innovative technology-first company that offers Banking-as-a-Service to customers, enabling them to integrate financial services into their products. They take care of the technical and regulatory complexities of banking, and leverage Cobalt’s Pentest as a Service platform to maintain compliance and customer confidence.
“With the Cobalt platform, we could enter all the necessary information for the testers. Before we actually started the test, we had a tech session with the pentesters to really show them our product, how it works, and also guide them to the necessary information.”
Solarisbank needed a team of pentesters to quickly spot vulnerabilities to ensure customer data security through their Banking-as-a-Service platform.
Security is not only a regulatory requirement for Solarisbank, but it's also fundamental for business success.
Solarisbank was seeking transparent and detailed reporting to pinpoint security vulnerabilities and know exactly where to begin remediation.
The description of each finding from Cobalt is very detailed, so Solarisbank has a total view of the steps the pentesters used to discover a vulnerability.
Cobalt is fully transparent throughout the pentesting process, and Solarisbank has the ability to steer the testers in the direction they want.
Solarisbank receives very professional reporting from Cobalt, and the team can generate reports with different levels of detail.
Pentesting is a regulatory obligation, a requirement by different stakeholders, and it’s also a fundamental part of Solarisbank’s secure Systems Development Lifecycle (SDLC). When starting the pentesting process with Cobalt, Solarisbank found the preparation itself was very straightforward and structured. With that in mind, they could also set up the test in a short timeframe.
Through efficient communication and research from the start, pentesters gain all of the adequate information needed about the product before the test — Solarisbank found this process produced better results. Throughout the pentesting process, Solarisbank gets notified about a finding from the pentesters and can then directly assign it to their developers.
The descriptions of findings are highly detailed to include the steps the pentesters used to exploit a vulnerability. Cobalt also provides screenshot documentation that Solarisbank can give directly to the developers, so they could understand exactly what the pentesters did and work on mitigation.
“The trust that SolarisBank customers have is very important for us, and therefore, they wanted to ensure that their services are secure.”
We are a happy customer and have been for three years. We encourage all our customers to use Cobalt.io to ensure that everyone we work with has secure practices in place.Read more customer stories