Case studies
If we are able to automate security and testing tooling, we can incorporate it at every stage of the agile cycle, and improve outcomes for security, test and the development teams.
talk to an expertWhen it comes to quality and security, people are your strongest asset—ours too. All of the outsourced team’s attention and effort are focused on the specific activities for which they were hired. This hyper-focus on specific stages in the quality assurance or security process leads to a more deliberately built pipeline which in turn increases revenue. Expertise leads to confidence, which leads to the trust of prospects, which leads to sales.
If you need to improve internal development, QA and deployment processes, and also require your product to be reliable and secure by design, you should consider a partnership with Tenendo.
Our experience in testing and security processes established delivery teams with highly skilled staff and expertise in security provides a great value to our services.
Improve and optimize the testing process
Building Test Architecture and Test Strategy in CRM project
Testing Management
In a management assessment the emphasis is mainly on leadership qualities. In this assessment the focus was on issues like independence, delegating and communication.
Automated testing
The joint work of architects, developers, tester and managers made it possible to redesign the project in a short time (about 2 months), speed up the testing process several times and simplify the preparation of…
Social engineering
During this social engineering engagement, it was possible to achieve persistent internal access, exfiltrate confidential and personal information, and compromise the internal segmented infrastructure.
Client-Bank application compromise
This case is a very good example why manual penetration tests are valuable – the team achieved compromise without administrator access to the application, not using any known exploits or discovering injection/deserialization/other RCE flaws.
Internal Adversary Simulation Case
The adversary simulation activity helped the client identify and remediate multiple issues with the on-premise infrastructure and vulnerabilities, calculate potential risks, and improve the overall security posture. Each finding also included proposed solutions for applying…
Azure Active Directory compromise
The Azure penetration test helped the client identify and remediate multiple issues and misconfigurations, harden their infrastructure and calculate potential risks.
EDR product’s effectiveness evaluation
Evaluating EDR Product against Threat Actors: Uncovering Limitations and Collaboration for Enhanced Detection of Multiple Killchains.
Targeted Phishing on Cloud Services Provider Admin infrastructure Case
Successful phishing attacks revealed detection gaps in support and SOC teams, allowing unauthorized access without alerts.
Assumed Breach and Privilege Escalation Case
Weak authentication and poor segmentation enabled privilege escalation from VPN access to full domain control.
Network Compromise and Cloud Infrastructure Exposure Case
Poor network segmentation enabled an attacker to pivot from internal access to full cloud takeover.
Application Threat Modelling and Phishing Attack Chain Case
A threat model helped prioritize vulnerabilities, leading to the identification of a phishing attack chain that bypassed MFA and allowed unauthorized transactions.
