Case Study

BranchServ Elevates Product Security Via Due Diligence Penetration Tests with Coalfire Labs

September 23, 2019

For BranchServ, a leading security and automation equipment and service provider to financial institutions nationwide, identifying logical vulnerabilities was critical to optimizing overall security for its LTA family of products.


With more than three decades of experience in the financial services industry, BranchServ provides security and automation equipment and service to more than 14,000 bank and credit union branches nationwide, including 5 of the 10 largest U.S. branch banking networks.

As part of its process, BranchServ conducts penetration testing on every automation product offered to ensure that secure cash recyclers, automated teller machines (ATMs), and advanced terminals (ITMs) are brought to market.

“In an effort to better meet the needs of our clients, we decided to take a new approach in the product lifecycle development process for our cash recyclers by having an independent penetration testing firm conduct the test,” explained Rebecca Cicarelli, director of marketing and business development at BranchServ. “We conducted an exhaustive search of penetration testing providers, taking major financial industry referrals into account as part of our process. Then we conducted extensive interviews and vetted vendor capabilities.”

Ultimately, BranchServ chose Coalfire since the company has executed more than 1,500 penetration tests over the past two years and facilitates technical discussions prior to actual testing. “Being able to speak with Coalfire’s penetration testers before executing the testing gave our team greater peace of mind and ensured that the process would support the ‘best-in-class’ software security that our clients demand,” says Cicarelli.


To ensure a safe and secure market entry, BranchServ had Coalfire Labs, the technical testing division of Coalfire, examine its LTA product family to identify vulnerabilities.

Coalfire approached the penetration test using three distinct attack scenarios, assuming the role of:

  • Those who had direct physical access to the LTA product, such as a teller
  • Those who had access to the LTA product's internal protocols, such as maintenance technicians or middleware software
  • Those who had access to the LTA product's network

First, Coalfire performed kiosk breakout attacks against the software in an attempt to circumvent LTA software and gain access to the underlying operating system. During the second scenario, Coalfire performed reverse engineering of internal communication and manipulation of troubleshooting protocols against the software to try to gain control of the LTA hardware. Lastly, Coalfire performed a network test against the software to discover any open ports, services, or banner information that could be exploited directly or leveraged in an attack.

Once testing was complete, Coalfire issued a report that summarized the scope, testing methodology, and results and detailed the vulnerability findings. In addition, the report provided the detail needed to assist the team in recreating and subsequently remediating discovered issues.


Coalfire’s advice gave BranchServ a complete understanding of its software’s exploitable vulnerabilities, as well as clear, concise remediation strategies to strengthen the product line. BranchServ worked quickly to remediate the findings. “Coalfire’s penetration test allowed us to successfully improve software security and reduce the security exposure associated with the LTA product line, benefiting our company and clientele,” says Cicarelli.

Coalfire’s work provided BranchServ assurance that it could confidently offer the LTA-350 to meet customer needs for industry-leading TCR security and performance.

“Our ability to bring our engineering team to Coalfire’s testing location and work hand-in-hand with the Coalfire team to ensure optimal results was critical to the outcome. The collaboration turned into a learning experience for everyone involved.”