About security testing:

Application Threat Modelling and Phishing Attack Chain Case
A threat model helped prioritize vulnerabilities, leading to the identification of a phishing attack chain that bypassed MFA and allowed unauthorized transactions.

Assumed Breach and Privilege Escalation Case
Weak authentication and poor segmentation enabled privilege escalation from VPN access to full domain control.

Internal Adversary Simulation Case
The adversary simulation activity helped the client identify and remediate multiple issues with the on-premise infrastructure and vulnerabilities, calculate potential risks, and improve the overall security posture. Each finding also included proposed solutions for applying industry-standard defences.