Contact us: info@tenendo.com
PCI DSS segmentation testing case
The team created several hardware connect-back appliances and used it in a PCI DSS segmentation testing.
Targeted Phishing on Cloud Services Provider Admin infrastructure Case
Successful phishing attacks revealed detection gaps in support and SOC teams, allowing unauthorized access without alerts.
Assumed Breach and Privilege Escalation Case
Weak authentication and poor segmentation enabled privilege escalation from VPN access to full domain control.
Network Compromise and Cloud Infrastructure Exposure Case
Poor network segmentation enabled an attacker to pivot from internal access to full cloud takeover.
Case Study: Strengthening Compliance with NIST CSF 2.0
Poor network segmentation enabled an attacker to pivot from internal access to full cloud takeover.
Application Threat Modelling and Phishing Attack Chain Case
A threat model helped prioritize vulnerabilities, leading to the identification of a phishing attack chain that bypassed MFA and allowed unauthorized …
Payment processing API penetration testing
Tenendo specialists discovered an unattended staging environment and leveraged its vulnerabilities for sensitive information disclosure. This informat…
Client-Bank application compromise
This case is a very good example why manual penetration tests are valuable - the team achieved compromise without administrator access to the applicat…
Internal Adversary Simulation case study
Do you want to know how your organisation will fare against an internal attack? Look no further than Tenendo's Internal Adversary Simulation.
Internal Adversary Simulation Case
The adversary simulation activity helped the client identify and remediate multiple issues with the on-premise infrastructure and vulnerabilities, cal…