ITglobal.com booked preliminary audit and pentests of infrastructure of Zhivago Banka

2020: Carrying out audit of IT infrastructure

ITglobal.com reported on August 4, 2020 that his employees carried out a number of works for conformity assessment to Provision of the Bank of Russia 382-P, GOST P 57580 and also executed internal and external testings for penetration of Zhivago Banka.

During preliminary audit and testing for penetration of information infrastructure of Zhivago Banka employees of ITGLOBAL.COM revealed a number of defects, but it is impossible to call them critical — the bank showed the high level of preparation for cyber attacks and could protect data of users according to industry standards.

After preliminary audit the ITGLOBAL.COM command transferred reports and recommendations about completion of infrastructure to customer company that in the shortest possible time to correct the revealed discrepancies and vulnerabilities.

Due to the epidemiological situation the preliminary estimate of compliance of bank to requirements of Provision 382-P and GOST P 57580 were carried out far off. It is a measure which was developed especially for the changed working conditions. The worked approach allowed to create all necessary conditions that remote audit did not differ from the scenario when the employee works directly at the client's object.

Valery Chernov, auditor of information security of ITGLOBAL.COM:

Results of preaudit and pentests showed that the level of information security of Zhivago Bank is much higher, than average values on similar projects — both in the technical plan, and on processes of cybersecurity. Nevertheless, for increase in level of compliance to requirements of the Bank of Russia nevertheless certain adjustments, in particular are necessary for compliance of GOST P 57580.