TIBER-EU Penetration Testing Providers

Threat Intelligence-Based Ethical Red Teaming (EU) · Europe

TIBER-EU is the European framework for intelligence-led red teaming of financial entities, developed by the European Central Bank. It provides a standardised approach to threat-led penetration testing (TLPT) that simulates the tactics, techniques, and procedures of real threat actors targeting specific financial institutions.

TIBER-EU tests are conducted by specialist red team providers using bespoke threat intelligence to simulate realistic attack scenarios against live production systems. The framework requires a Threat Intelligence provider to produce a targeted threat report, which informs the Red Team's attack plan. Tests cover people, processes, and technology across the full kill chain.

TIBER-EU has been adopted across EU member states and forms the basis of DORA's TLPT requirements. Financial institutions designated as significant by their national competent authority are required to undergo TIBER-EU-based testing. The framework's rigour makes it one of the most demanding pen testing engagements available.

1 provider
WithSecure

Leading European cybersecurity firm offering penetration testing with deep expertise in EU regulatory compliance including GDPR, NIS 2, and TIBER-EU.

Helsinki, Finland · Contact for pricing
Web Application · Network · Cloud · API · +6
CREST · ISO 27001
Verified Feb 2026

TIBER-EU FAQs

What is the difference between TIBER-EU and DORA TLPT?

DORA's TLPT requirements are based on the TIBER-EU framework. TIBER-EU provides the methodology, while DORA makes threat-led penetration testing a legal requirement for significant financial entities in the EU.

Who performs TIBER-EU tests?

TIBER-EU requires specialist red team providers with advanced adversary simulation capabilities. In many jurisdictions, providers must be pre-approved or meet specific qualification criteria set by the national competent authority.

How long does a TIBER-EU engagement take?

A full TIBER-EU engagement typically takes 6-12 months from initiation to closure, including threat intelligence gathering, red team execution, and remediation validation.