NEW YORK, NY — Fluid Attacks, a software security testing company, this week unveiled its security testing solution Continuous Hacking at Fintech Nexus in New York City.
The solution searches for vulnerabilities in fintech software from the early stages of development with the expertise of ethical hackers, who inform clients of their findings so that they can fix them.
The modernization of financial services has been possible thanks to innovative software development. Its advantages include increased efficiency and automation and improved user experience.
This new take on finance has enabled customers worldwide to do their regular transactions, submit requests, and get remote support. For such innovation to truly flourish, however, security is paramount if users are to be guaranteed high confidentiality and constant availability of the services.
In a cybersecurity report this year, IBM Security X-Force identified finance and insurance as the second most attacked industry worldwide. The report showed that fintech companies are mostly threatened by attackers gaining unauthorized access to their servers, which, in turn, makes ransomware attacks possible.
An aggravating factor is that fintech companies, especially startups, may be at a higher risk than bigger companies of being forced to close their operations after a cyberattack. This is because the latter may be able to take the financial blow and face the impact on their reputation better than younger companies.
This likely scenario should encourage companies in the fintech ecosystems to discuss cybersecurity and treat it as a precondition to making systems available to users.
Companies developing custom software should assess their systems to find vulnerabilities throughout the entire software development lifecycle, beginning from the project planning stage, and prevent paying higher costs due to cyberattacks.
Continuous Hacking goes beyond implementing automated tools by adding the work of highly certified ethical hackers. They use manual techniques, such as penetration testing to look for the most complex and critical security issues.
Through their management platform, Fluid Attacks informs clients of vulnerabilities found in their system, who are then responsible for fixing them, after which Fluid Attacks assesses how effective the solution was. Fintechs can be alerted to fix problems that, if left unattended, would allow malicious attackers to circumvent security and install malware, steal data or commit fraud.
Tony Zerucha is a long-time contributor in the fintech and alt-fi spaces. A two-time LendIt Journalist of the Year nominee and winner in 2018, Tony has written more than 2,000 original articles on the blockchain, peer-to-peer lending, crowdfunding, and emerging technologies over the past seven years. He has hosted panels at LendIt, the CfPA Summit, and DECENT’s Unchained, a blockchain exposition in Hong Kong.