About security testing:

Social engineering
During this social engineering engagement, it was possible to achieve persistent internal access, exfiltrate confidential and personal information, and compromise the internal segmented infrastructure.

Assumed Breach and Privilege Escalation Case
Weak authentication and poor segmentation enabled privilege escalation from VPN access to full domain control.

Network Compromise and Cloud Infrastructure Exposure Case
Poor network segmentation enabled an attacker to pivot from internal access to full cloud takeover.