Date: Wed, 24 Oct 2012 10:08:51 +0200
From: SEC Consult Vulnerability Lab <research@...-consult.com>
To: bugtraq <bugtraq@...urityfocus.com>, <full-disclosure@...ts.grok.org.uk>
Subject: SEC Consult Vulnerability Lab Study -
 "Application Security of Core Banking Systems - A first reality check"


SEC Consult, an international leader in application security services and
consultancy, and Capgemini, one of the world's foremost providers of
consulting, technology and outsourcing services, released the first
international study on security of 3rd party Core Banking Packages.

The study summarizes the vendors' promises, commitments and relevant
activities relating to the application security of their products. As a
'reality check' three Core Banking products have been tested and severe
security vulnerabilities not detected by the vendors have been found in each.
The study emphasizes that state-of-the-art application security has to be
demanded and consecutively validated by application security tests. Failure to
do so can result in the implementation of insecure software products and incur
operational risks.

A summary of the study can be found at our blog:

http://blog.sec-consult.com


On a side note, we also have a new look and new contents for our homepage:
https://www.sec-consult.com

Study information:
https://www.sec-consult.com/en/Vulnerability-Lab/Studies.htm




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SEC Consult Unternehmensberatung GmbH

Office Vienna
Mooslackengasse 17
A-1190 Vienna
Austria

Tel.: +43 / 1 / 890 30 43 - 0
Fax.: +43 / 1 / 890 30 43 - 25
Mail: research at sec-consult dot com
https://www.sec-consult.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists