Case studies. Red Teaming

Network Compromise and Cloud Infrastructure Exposure Case

Poor network segmentation enabled an attacker to pivot from internal access to full cloud takeover.

The challenge

A network security assessment exposed excessive connectivity between corporate and management domains, leading to full control over cloud and virtualized environments.

The solution

Restricted VPN access and isolated AD controllers from Internet exposure.
Enforced MFA on privileged accounts.
Implemented stronger monitoring for unauthorized lateral movement.

How we did it

Used employee dual-domain access to pivot into management networks.
Extracted Azure AD Connector database for admin access.
Gained full control over vSphere via weak authentication.

Conclusion

Without strong segmentation and access controls, an attacker could move laterally and compromise critical infrastructure. Security baselines were enforced to prevent future risks.

Your Cyber Resiliency is Our Passion

schedule a call

About security testing:

EDR product’s effectiveness evaluation

Evaluating EDR Product against Threat Actors: Uncovering Limitations and Collaboration for Enhanced Detection of Multiple Killchains.

Case Studies | Case studies. Red Teaming | Case studies. Security

Assumed Breach and Privilege Escalation Case

Weak authentication and poor segmentation enabled privilege escalation from VPN access to full domain control.

Case studies. Red Teaming | Case studies. Security

Application Threat Modelling and Phishing Attack Chain Case

A threat model helped prioritize vulnerabilities, leading to the identification of a phishing attack chain that bypassed MFA and allowed unauthorized transactions.