Incenter is a total game changer

Company: FNZ AUM: $1.5 Trillion Employees: 4,000

At OccamSec, it’s not unusual to work with financial services companies to determine the risk posed by security adversaries. But a recent interaction with our client FNZ, a global wealth management platform that manages $1.4 trillion in assets, proved the value of continuous penetration testing. Traditionally, pen-testing happens once a year or a point in time exercise. Instead, FNZ opted for a more ongoing assessment approach when looking for vulnerabilities provided by our Incenter platform, which is considered a game-changer in the industry.

While FNZ regularly relies on the platform to highlight vulnerabilities within its own organization, the unique setup also allowed them to conduct an urgent security assessment for a major financial services client. Since Incenter is always on, OccamSec could add the client to the platform within 24 hours, and remediation guidance was offered almost immediately. Everything was in scope within a couple of days, and final findings were provided.

Incenter is a total game changer in the market. There are only a handful of companies doing continuous pen testing, but OccamSec’s model is completely different from anything I’ve seen.

– Robbie Tyrie, Application Security Lead

If FNZ couldn’t provide that security attestation or report promptly, there was a chance the application couldn’t be released as expected. That could have resulted in a $2 million fine. Instead, FNZ avoided a fine, and the correct level of security was confirmed, ultimately preventing the exploitation of any vulnerability. This example is evidence there’s a shift in the industry; organizations need to have an ongoing view of threats and vulnerabilities. That’s precisely why OccamSec noted this paradigm shift in the security industry and created the Incenter platform to transition from traditional point-in-time pen tests to continuous security assessment, averting crises before they can even arise.