LiteBit is an online platform which has been making it easy for consumers and companies to buy and sell cryptocurrencies since 2014. There are now over fifty cryptocurrencies available on the platform. Security is obviously a priority for a FinTech organisation like LiteBit. That's why they work with Computest.
“Countless transactions take place on our platform every day. For us and users alike, it is important to know that they are secure,” says Freek Paans, head of IT at LiteBit. “That's why we have a continuous focus on security and our specialists work together with specialised parties. To further enhance this focus, we started looking for a security specialist to enter into a long-term partnership with so that we always have an extra pair of ears and eyes.”
“Computest knows exactly what is happening out there in terms of security and current vulnerabilities.”
- Freek Paans, head of IT at LiteBit
Knowledge of current vulnerabilities
In order to select a partner, Paans invited two parties, including Computest, to perform a pentest. “I have worked with Computest in the past and the experience was very positive. They are also a good fit for us as a company: young, informal, clear communicators and easy to reach. Moreover, they have a lot of expertise in-house and they know exactly what is happening out there in terms of security and current vulnerabilities.”
A security auditor from Computest carried out an investigation into the LiteBit platform on site. From this, a few points emerged that could represent a risk in the short or long term. “Obviously, we tackled those immediately,” says Paans. “It was nice that someone from Computest came to explain the report to us in person. We not only discussed the potential risks but also the solutions. We now have a good initial indication of where we stand with our platform. But we are also in full development mode, which means we can potentially run into new problems all the time. As such, I regard the test that was performed as a snapshot. There are, of course, many more factors that need to be tested. That's why we are happy to be working with a permanent security partner.”
Security as a USP
The importance of security will only increase in the future for LiteBit. “You can see it as a rat race in which security specialists and hackers try to outsmart each other,” says Paans. “As the platform grows, the risks also increase. And with the stakes getting higher, the reputation you have carefully cultivated is at risk. That's why we continuously invest in security and we regard it as a USP, which we want to use to differentiate ourselves from competing platforms. That also makes testing by a third party valuable. Specialists like Computest always spot things you might overlook yourself. It is a kind of independent quality mark that shows your security is in order.”
Security awareness training
With Computest we not only discussed the potential risks, but also the solutions.
Freek Paans, head of IT at LiteBit
Paans emphasises that a strong system and performing security testing are no guarantee of watertight security. There are several factors that determine whether you have a reliable platform. That's why LiteBit employees also complete the Security Awareness Training offered by Computest. “The human factor is also part of your security. It is important that every employee is aware of this. An attack technique such as social engineering or simply using a USB stick whose origin is unclear can result in third parties gaining unauthorised access to your systems. For this reason, we plan to regularly repeat the training so that everyone always remains alert to these types of threats.”