Skip to content

Case Study

thinkmoney - Security Services and Penetration Testing

Penetration testing and security services for large Financial Services organisation.

thinkmoney-1
thinkmoney pen test

The Client

thinkmoney

The TMG Group of companies is a large and diverse Financial Services organisation that provides practical assistance to customers in managing their finances. The Group offer Debt Management, Banking services, Insurance, and Credit Brokerage services, for loans and credit cards branded under different trading styles.

Thinkmoney is the banking vertical of the group with a large customer base, a diverse offering in a highly competitive, FCA-regulated marketplace. Core banking services are provided via a mobile application whose digital onboarding journey provides a seamless customer experience, enabling application to account in a few simple steps.

Overview

The Requirement

Technology is a critical enabler for thinkmoney; cyber security is paramount to its operations, as are continued assurance of the networks, applications and services which comprise the core business proposition. As such, regular penetration testing is conducted on its infrastructure, applications and services by a variety of specialist providers.

CybaVerse has been employed on multiple penetration testing engagements by the TMG Group of companies; these engagements have included: infrastructure testing, web application security testing, API security assessments, security services.

Timely Collaboration

Scoping & Pre Testing

For each requirement, CybaVerse undertakes a custom scoping and pre-testing procedure. In the scoping call the exact requirements are defined and particular services or techniques are discussed and confirmed. CybaVerse's cyber security experts then put together a full proposal, confirming the project scope and goals. This ensures complete synergy between client and provider.

Because of the long standing relationship between CybaVerse and thinkmoney, scoping can be done quickly and accurately, ensuring the an expedited timeframe for the project.

think money security services

Infrastructure Testing

Web App Testing

API Security Testing

thinkmoney penetration test

Report and Support

Project Progress

CybaVerse’s technical experts stay in constant contact with clients to keep the client up to date with testing progress, reporting critical findings and ensuring the client is receiving the most value out of the testing process.

As thinkmoney's preferred Pen test partner, CybaVerse provides an open and direct line of communication from In-house developers and external testers. As standard, CybaVerse helps clients to implement best working practices after each test. This leads to a deeper test next time around.

Security flaws were intially identified in the system and the testing team worked with the client to fix the issues at the earliest opportunity.

CybaVerse have been working with thinkmoney to enhance their cyber security since 2021.

Words from the client

Maintaining Relationships and Trust

"For each engagement, CybaVerse have been diligent, efficient, and highly effective in their work. The quality of the work conducted has been to a very high standard with clear, detailed reporting (including a thorough breakdown of each issue found, steps for reproduction, risk assessment and scoring, recommendations and suggested remediations) and a considerably impressive depth of testing undertaken; this has provided real value to the thinkmoney security programme.

The knowledge, skills and professionalism of their staff is extremely high, each security tester and consultant we have engaged with has been of the highest standard; throughout the engagement we are kept up to date with progress and findings through regular communications with the team and we are extremely pleased with the results we have achieved."

Glenn Sproule
CISO, thinkmoney