Application Security and Secure Software Development
Conducting Security and Source Code Review for a Global Leader in Digital Wealth Management
Bambu is a Robo-advisory solution provider offering financial and consumer brands the ability to integrate and benefit from the ongoing digital transformation in wealth management. Bambu markets its services worldwide, capitalising on our traction to tap the growing market.
Founded in 2016, the company is headquartered in Singapore by industry experts Ned Phillips and Aki Ranin, and with subsidiaries in Hong Kong and the United Kingdom.
Pragma worked with Bambu to conduct a security and source code review of their application with recommendations to improve security posture and coding practices.
We performed both onsite and offsite assessments of the platform and analysed how Bambu manages its DevSecOps procedures.
We evaluated the DevSecOps framework and reviewed against good practices for Development (OWASP Top 10), Security OSSTMM, and ITIL v4. All encompassed in SCRUM.
The assessment process requires Bambu to mitigate control deficiencies in their development, security and operations (DevSecOps) practices.
Our recommendations and final assessment enabled Bambu to show application security to Bambu's client, helped secure funding and multiple clients. Bambu's understands the risks of their publicly accessible infrastructure, and our support helped them to mitigate many of these risks through our deep knowledge of technology, regulations, recommendations and solutions.