IR Hotline Numbers:

+44 20 3318 1470
+60 154 877 0076
+61 2 7908 1745
+65 3165 8788
caution icon

Experienced a breach? Reach us now

company logo

Risk Assessment

Improving Bank's Security Posture Through Security Testing

Improving Bank's Security Posture Through Security Testing

The Background

ICICI Bank is India's largest private sector bank, with presence in 17 countries, including Singapore. ICICI Bank offers a wide range of banking products and financial services to corporate and retail. ICICI requested Pragma to conduct a vulnerability and penetration testing assessment of the FAST payment servers hosted in Singapore and to provide a report on the vulnerabilities found and associated risks. The purpose of this assessment was to verify the effectiveness of the security controls put in place by ICICI to secure business critical information. The internal networks, including systems and application, are important to ICICI as they are utilised to process FAST payments. If accessed inappropriately, it could cause reputational damage and/or financial loss to ICICI and its management.

The Process

The nature of the testing performed was designed to replicate the threat of an attacker wishing to gain access to ICICI computer systems or data, through an unknown weakness in the systems and security mechanisms in place.

In an effort to test ICICI ability to defend against direct attack, Pragma executed a comprehensive network vulnerability scan, including exploitation of weakened services, client-side attacks, and server-side attacks using Rapid 7 insightVM.

The Result

The report represented the findings from the assessment and the associated remediation recommendations to help ICICI strengthen its security posture.

Pragma identified various issues, a few to be considered for remediation according to ICICI bank risk and patch management processes. Few issues could be remediated if desired, but do not by themselves represent a vulnerability.


Vulnerability Assessment
Penetration Test

Join the Pragma Community Today



Cyber Advisory

Technology Risk

Compliance, Conduct, and Regulatory Risk

IT Audit


Pragma Logo

Terms & conditions

Privacy Policy