About security testing:

Social engineering
During this social engineering engagement, it was possible to achieve persistent internal access, exfiltrate confidential and personal information, and compromise the internal segmented infrastructure.

Assumed Breach and Privilege Escalation Case
Weak authentication and poor segmentation enabled privilege escalation from VPN access to full domain control.

Targeted Phishing on Cloud Services Provider Admin infrastructure Case
Successful phishing attacks revealed detection gaps in support and SOC teams, allowing unauthorized access without alerts.