CASE STUDY

ING EurasiaNetherlandshttps://www.ing.com

An international financial institution such as ING Insurance that has offices all over the

world, remote employees, and a sophisticated infrastructure, depends heavily on web

applications. Web applications such as internal portals, external portals, life insurance

and investment management websites, as well as, online banking web applications

are used to share data among all of the corporation's offices and employees.

Web applications are also used by ING customers and other businesses to access

their bank accounts and finances.

The above implies that a great focus has to be put on security to protect all this

information that is extremely valuable for the institution and its clients.

ING EURASIA IT Audit Team Chooses Netsparker to Detect Web ApplicationVulnerabilities

The IT Security Audit team at ING performs audits to ascertain whether numerous

websites and web applications are solid and secure.

An Automated and Easy-to-Use Web ApplicationSecurity Solution Needed

“As opposed to other web

application scanners we used,

Netsparker is very easy to use

and does not require a lot of

configuring.

“An out of the box installation of

Netsparker detecs more

vulnerabilities than any other

web application security

scanner we have used so far.

Most of these web applications are custom built, using a wide variety of commonly

used web frameworks as underlying infrastructure.

The need was evident for a solution that could meet the financial institution

requirements and that could be implemented seamlessly.

"When we were evaluating web application security scanners, Netsparker was the

scanner that identified most vulnerabilities without requiring any configuration

changes. It also identified several SQL injection and cross-site scripting vulnerabilities

that other scanners did not identify," said Perry Mertens, Supervisor Auditor at the ING

EurAsia IT Audit team.

ING is a global financial institution of Dutch origin, currently offering banking,

investments, life insurance and retirement services to meet the needs of a broad

customer base.

When a company has the need to audit many web applications on a continuous basis,

they need to make sure that the right tools are used to detect all web application

vulnerabilities possible, to keep malicious hackers out and make sure their customers'

money is secure at all times.

The ING EurASIA Audit team chose Netsparker over several other web application

security scanners because:

• It is a very easy-to-use web application security scanner.

• Penetration testers do not need to spend hours configuring it because, by default, it

• supports a wide variety of web application technologies.

• Implementations can generate meaningful reports.

• It is affordable.

Why did ING IT Audit Team Choose Netsparker Web Application Security Scanner?

Netsparker Identifies More Vulnerabilities and Reports No False Positives

About ING

“When we were evaluating web

application security scanners,

Netsparker was the scanner that

identified most vulnerabilities

without requiring any

configuration changes.

“Netsparker identified several

SQL injection and cross-site

scripting vulnerabilities that

other scanners did not identify.

USA O�ce: +1 415 877 4450UK O�ce: +44 (0)20 3588 3840

https://www.netsparker.comcontact@netsparker.com

ING EurasiaNetherlandshttps://www.ing.com