A prominent Turkish bank with over 40 years of history and part of a global banking group serves millions of customers nationwide. Owning several subsidiary brands, the bank operates in a highly dynamic and competitive environment. As cyber threats become increasingly sophisticated, the bank recognized the need to bolster its cybersecurity posture to protect its assets, customers, and reputation.
External Attack Surface Management (EASM)
Initially, the bank integrated Deepinfo's External Attack Surface Management (EASM) solution to gain complete visibility over their digital assets and identify potential vulnerabilities.
- Smart Asset Discovery: Automatically identified all internet-facing assets, including unknown or forgotten ones associated with the bank and its subsidiary brands.
- Continuous Scanning: Monitored assets in real-time for vulnerabilities, misconfigurations, and compliance issues across WHOIS, DNS, SSL, HTTP, open ports, and more.
- Comprehensive Risk Detection: Assessed and prioritized vulnerabilities, enabling proactive remediation.
- Remediation with Actionable Insights: Provided precise guidance to mitigate identified risks efficiently.
- Complete Risk Scoring: Assigned risk scores based on vulnerability severity and potential impact.
Outcome from EASM Implementation
- Enhanced Visibility: Discovered over 1,200 previously unknown assets, including legacy web applications and unsecured cloud instances.
- Risk Reduction: Identified and remediated critical vulnerabilities, reducing the attack surface by 50%.
- Improved Efficiency: Streamlined vulnerability management processes, saving time and resources.
Impressed by the results, the bank expanded their use of Deepinfo's platform to include Brand Risk Protection (BRP).
Brand Risk Protection (BRP)
- Fraudulent Domain Monitoring: Detected and tracked unauthorized domain registrations and websites impersonating the bank or its subsidiary brands.
- Managed Takedown Services: Assisted in removing fraudulent sites to prevent phishing attacks and protect customers.
- Social Media Monitoring: Monitored social media platforms for unauthorized use of the bank's brand and logos.
- Search Engine Monitoring: Identified harmful content associated with the bank in search results.
Outcome from BRP Implementation
- Brand Integrity Preserved: Successfully detected and took down over 150 fraudulent domains and phishing sites within the first three months.
- Customer Protection: Prevented numerous phishing attacks, safeguarding customers' personal and financial information.
- Reputation Management: Maintained trust with customers by proactively addressing brand misuse.
To further enhance security, the bank implemented Deepinfo's Cyber Threat Intelligence (CTI) solution.
Cyber Threat Intelligence (CTI)
- Compromised Client Credentials Monitoring: Detected if customer login information appeared on the dark web or in data breaches.
- Compromised Payment Credentials Monitoring: Identified exposure of customer credit card information.
- Threat Actor Intelligence: Provided insights into threat actors targeting the financial sector, including their tactics and techniques.
- Data Breach Index: Accessed historical data breaches for analysis and pattern recognition.
Outcome from CTI Implementation
- Early Threat Detection: Identified instances of compromised client credentials, allowing the bank to prompt password resets and notify affected customers promptly.
- Fraud Prevention: Detected and mitigated potential fraud involving exposed credit card information.
- Enhanced Threat Awareness: Gained valuable insights into emerging threats specific to the banking industry, enabling proactive defense strategies.