About security testing:
Social engineering
During this social engineering engagement, it was possible to achieve persistent internal access, exfiltrate confidential and personal information, and compromise the internal segmented infrastructure.
Client-Bank application compromise
This case is a very good example why manual penetration tests are valuable – the team achieved compromise without administrator access to the application, not using any known exploits or discovering injection/deserialization/other RCE flaws.
Azure Active Directory compromise
The Azure penetration test helped the client identify and remediate multiple issues and misconfigurations, harden their infrastructure and calculate potential risks.