Blog | Tenendo

Avoiding Templates injection

The best way to prevent server-side template injection is to not allow any users to modify or submit new templates.

Avoiding other injections

Secure coding practices prescribe that spring expressions using dynamic values should be avoided.

Cloud Infrastructure Audit and Performance testing case

The main goal of the Technical Audit from a customer request was to understand if the system is scalable or not and provide guidance for improvements.

PCI DSS segmentation testing case

The team created several hardware connect-back appliances and used it in a PCI DSS segmentation testing.

Internal Adversary Simulation case study

Do you want to know how your organisation will fare against an internal attack? Look no further than Tenendo's Internal Adversary Simulation.

Internal Adversary Simulation Case

The adversary simulation activity helped the client identify and remediate multiple issues with the on-premise infrastructure and vulnerabilities, cal…

Azure Active Directory compromise

The Azure penetration test helped the client identify and remediate multiple issues and misconfigurations, harden their infrastructure and calculate p…

EDR product’s effectiveness evaluation case

Evaluating EDR Product against Threat Actors: Uncovering Limitations and Collaboration for Enhanced Detection of Multiple Killchains.

Targeted Phishing on Cloud Services Provider Admin infrastructure Case

Successful phishing attacks revealed detection gaps in support and SOC teams, allowing unauthorized access without alerts.

Assumed Breach and Privilege Escalation Case

Weak authentication and poor segmentation enabled privilege escalation from VPN access to full domain control.

Application Penetration Testing

Infrastructure Assessment

Cloud Infrastructure

Performance and scalability assessment

Cybersecurity assessment

Red Teaming

Compliance Readiness Services

Purple Teaming

Training

Due Diligence

Insides

Case Studies

Contact Us

About Tenendo

Contact us: