Security consultant

Getting Started with Cybersecurity for Your Company: A Short Guide

Start Cybersecurity: Assess risks, define assets, train staff, and implement defenses. Prioritize protection, monitor threats, and adapt strategies for resilience. Read more

Targeted Phishing on Cloud Services Provider Admin infrastructure Case

Successful phishing attacks revealed detection gaps in support and SOC teams, allowing unauthorized access without alerts. Read more

Assumed Breach and Privilege Escalation Case

Weak authentication and poor segmentation enabled privilege escalation from VPN access to full domain control. Read more

Network Compromise and Cloud Infrastructure Exposure Case

Poor network segmentation enabled an attacker to pivot from internal access to full cloud takeover. Read more

Case Study: Strengthening Compliance with NIST CSF 2.0

Poor network segmentation enabled an attacker to pivot from internal access to full cloud takeover. Read more

Application Threat Modelling and Phishing Attack Chain Case

A threat model helped prioritize vulnerabilities, leading to the identification of a phishing attack chain that bypassed MFA and allowed… Read more

Payment processing API penetration testing

Tenendo specialists discovered an unattended staging environment and leveraged its vulnerabilities for sensitive information disclosure. This information was later reused… Read more

PCI DSS segmentation testing case

The team created several hardware connect-back appliances and used it in a PCI DSS segmentation testing. Read more

Internal Adversary Simulation Case

The adversary simulation activity helped the client identify and remediate multiple issues with the on-premise infrastructure and vulnerabilities, calculate potential… Read more

Azure Active Directory compromise

The Azure penetration test helped the client identify and remediate multiple issues and misconfigurations, harden their infrastructure and calculate potential… Read more

EDR product’s effectiveness evaluation

Evaluating EDR Product against Threat Actors: Uncovering Limitations and Collaboration for Enhanced Detection of Multiple Killchains. Read more