Evaluating the Security Controls Implemented in a Global Investment Firm
Crossbridge is a fully integrated financial services platform offering wealth management, family office, corporate finance and digital investment solutions to families, entrepreneurs and business owners in Emerging Markets worldwide.
It is Singapore's first digital advisory platform developed to meet the investment needs of Accredited Investors. On annual basis, Crossbridge requires testing of its internal infrastructure and external web application. The tests enable Crossbridge to understand the threats, weaknesses and how to strengthen the technology used to protect the business.
The purpose of the assessment was to verify the effectiveness of the security controls put in place by Crossbridge to secure business-critical information.
The nature of the testing performed was designed to replicate the threat of an attacker wishing to gain access to Crossbridge computer systems or data, through an unknown weakness in the systems and security mechanisms in place. To test Crossbridge ability to defend against direct attack, Pragma executed a comprehensive vulnerability scan, including exploitation of weakened services, client-side attacks, and server-side attacks using Rapid 7 InsightVM.
Pragma identified multiple issues, a few to be remediated as soon as possible. We recommended courses of action addressing any compliance gaps and security vulnerabilities identified and include both stop-gap solutions and long-term solutions.
The tests enable Crossbridge to understand the threats, weaknesses and how to strengthen the technology used to protect the business.