Project Summary
Oceanic Trust, the 10th largest consumer bank in the U.S. with $350B in deposits and 30,000+
employees, had migrated 80% of its applications to the cloud and now operated thousands of APIs for
customer, partner, and internal data transfers. After industry-wide breaches caused by weak API controls,
Oceanic leadership engaged the Internal Audit Cybersecurity team to evaluate the security of its
API Platform. The audit sought to identify risks, test controls, and assess readiness against
regulatory requirements like GDPR and frameworks like NIST CSF.