A 100-year-old Indian bank with business worth over 1000 Cr sought to conduct a Network & Core Banking System (CBS) Vulnerability Assessment and Penetration Testing (VAPT). The project included a security audit of servers, systems, and IT infrastructure, following OWASP-10 guidelines for the CBS application, website, and email server. The engagement involved an on-site visit, a thorough review, and the provision of valuable security recommendations across branches and disaster recovery (DC-DR) sites.