Kubernetes Penetration Test

kubernetes java webapp saas fintech

The Client

FinTech based in London and San Francisco providing an API-driven platform for smarter, quicker data aggregation and payments and a significant player in helping organisations implement Open Banking and PSD2 compliance.

The Challenge

The client required specialist penetration testing of their Kubernetes-based infrasructure as part of their internal security assurance programme and external compliance requirements.

The cluster was self-hosted on Amazon Web Services and built using Kops with a common multi-namespace approach to managing a number of different environments.

The Solution

As one of very few technical security testing companies worldwide with specialist knowledge of container security and Kubernetes in particular, 4ARMED was engaged to review the cluster from both an external and internal perspective.

Our consultant worked with the client to highlight risks, demonstrate potential methods of attack and put together a list of recommendations including, where necessary, detailed technical guidance.

We like working with 4ARMED particularly because they have a deep understanding of security in AWS, particularly kubernetes. They not only carry out a thorough pen-test but they also work with our tech teams to help them understand better how to secure our environments in a practical way. Outside of the programme 4ARMED are always there for ad hoc advice if we are planning infrastructure changes, particularly as we are a PCI DSS Level 1 supplier.

Stephen

Head of Risk, Security and Compliance

Related Services

Kubernetes Penetration Testing

Next Steps

Could your business benefit from an engagement like this? Want to discuss your requirements further? Give us a call or complete this contact form to tell us about your requirements and we will work with you to find the best solution for you.
+44 (0)203 475 2443 sales@4armed.com
4ARMED Limited
3 Warren Yard, Warren Park, Stratford Road, MILTON KEYNES MK12 5NW, England