Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: SEC Consult Vulnerability Lab Study - "Application Security of Core Banking Systems - A first reality check"
From: Jeffrey Walton <noloader () gmail com>
Date: Wed, 24 Oct 2012 14:28:16 -0400

On Wed, Oct 24, 2012 at 4:08 AM, SEC Consult Vulnerability Lab
<research () sec-consult com> wrote:

SEC Consult, an international leader in application security services and
consultancy, and Capgemini, one of the world's foremost providers of
consulting, technology and outsourcing services, released the first
international study on security of 3rd party Core Banking Packages.

The study summarizes the vendors' promises, commitments and relevant
activities relating to the application security of their products. As a
'reality check' three Core Banking products have been tested and severe
security vulnerabilities not detected by the vendors have been found in each.
The study emphasizes that state-of-the-art application security has to be
demanded and consecutively validated by application security tests. Failure to
do so can result in the implementation of insecure software products and incur
operational risks.

A summary of the study can be found at our blog:


On a side note, we also have a new look and new contents for our homepage:

Study information:
Send an email to get the study? Seriously? It appears you have used
BugTraq for a press release...

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]