TLPT
Threat-Led Penetration Testing
What Is Threat-Led Penetration Testing (TLPT)?

TLPT is based on the TIBER-EU framework for red team assessments in financial institutions and banks. Realistic attack scenarios, modeled on the methods and approaches of threat actors that actually target the sector, are developed and then simulated against the institution. Under DORA, a TLPT is carried out on live production systems, so it exercises the real people, processes and technology rather than a test environment.
By employing the tactics, techniques, and procedures (TTPs) of those threat actors, the test surfaces both technical vulnerabilities in the IT infrastructure and organizational gaps in operational processes, in particular whether the institution's detection and response functions notice and contain the intrusion. The insights gained enable companies to evaluate their existing security measures, implement targeted improvements, and thereby sustainably strengthen their digital resilience.

Who Is Required to Carry Out TLPT?
Not all financial institutions within the scope of DORA are automatically required to carry out TLPT. If you are obligated to do so, your competent national supervisory authority will inform you accordingly. You must also bring your external ICT third-party providers within the scope of the test if they operate or provide IT systems or applications that support a critical or important function of your institution; such providers are expected to participate in the test.
What Is The General Process of TLPT?
Before the actual testing phase, a threat intelligence analysis is conducted as part of the TLPT. In this phase, information about relevant current, industry-specific, and company-specific threats is collected, including which threat actors target institutions of this kind and which TTPs they use. Based on this, realistic attack scenarios are defined. These scenarios cover various attack surfaces, including physical attacks, social engineering, and technical attack vectors. Afterwards, these attack scenarios are executed as realistically as possible in the form of a red team assessment, with only a small control group inside the institution aware that the test is taking place.
Own illustration based on https://www.bafin.de (in German)
Would You Like to Prepare for TLPT? We Can Help!
Are you expecting to be requested by your competent supervisory authority to carry out a TLPT? Feel free to contact us for a non-binding initial consultation.