Case Studies

Azure Active Directory compromise

The Azure penetration test helped the client identify and remediate multiple issues and misconfigurations, harden their infrastructure and calculate potential risks.

The challenge

The team was tasked to perform a penetration test against the undisclosed company's Azure AD infrastructure, with access provided by the client. The assessment was driven in a manner that simulated a malicious individual who has initial access to the client's cloud infrastructure.

The solution

The team was able to lay out and demonstrate an attack path against client's Azure AD which could allow for full compromise.

The Attack Lifecycle

Reconnaissance I

AzureHound, ROADRecon and custom cloud enumeration tools were used to assess objects, ACLs, and SSO-supporting applications within the environment.

Reconnaissance II

SSO-supporting applications were manually reviewed to discover sensitive data leaks, authentication information, or insecure RBAC configurations.

Exploitation I

Confluence and Jira configurations were discovered to be insecure, and the team was able to leverage authentication information disclosed in setup scripts to obtain live build node configurations with API keys to third-party services.

Exploitation II

Sensitive authentication information was discovered in an accidental leak, and used for access to Azure CLI on behalf of a monitoring solution, enabling command execution on production servers.

Conclusion

The cloud penetration test helped the client identify and remediate multiple issues with access control and sensitive information protections, harden their cloud and SaaS infrastructure and calculate potential risks.
In addition, the testing process did not disrupt any of the company’s regular activities, nor the normal function of the production environment.

Your Cyber Resiliency is Our Passion

schedule a call

WHY WORK WITH TENENDO?

Reducing high-severity vulnerabilities’ exposure by up to

97%

Reducing the cost of security testing, audit, and consulting by up to

30%

About security testing:

Case Studies | Case studies. Security

Internal Adversary Simulation Case

The adversary simulation activity helped the client identify and remediate multiple issues with the on-premise infrastructure and vulnerabilities, calculate potential risks, and improve the overall security posture. Each finding also included proposed solutions for applying industry-standard defences.

Case Studies | Case studies. Security

PCI DSS segmentation testing

The team created several hardware connect-back appliances and used it in a PCI DSS segmentation testing engagement to uncover impactful network vulnerabilities.

Case Studies | Case studies. Security

Internal adversary simulation

The adversary simulation activity allowed the security team to demonstrate a complete compromise path while not using any usual, “exploitable” vulnerabilities.

← Anti-Slavery and Anti-Human Trafficking Statement

Security Assessment of the Architecture →

The challenge

The solution

The Attack Lifecycle

Reconnaissance I

Reconnaissance II

Exploitation I

Exploitation II

Conclusion

Your Cyber Resiliency is Our Passion

WHY WORK WITH TENENDO?

Reducing high-severity vulnerabilities’ exposure by up to

97%

Reducing the cost of security testing, audit, and consulting by up to

30%

About security testing:

Post navigation