Confidential Cybersecurity case study

Red Teaming at a Top 10 U.S. Bank

Client

This NetSPI client is a major financial services company.

 

Challenge

NetSPI was engaged to do an anonymous scenario-based red team attack against the client’s internal network. This project was designed to test the client’s detective and response capabilities, identify vulnerabilities and escalation paths, and prove that full network compromise was possible in a short period of time. The entire exercise happened during a four-day period. Vectors of attack were limited to network- and application-level attacks. All phishing and other social engineering attacks were out of scope. Beyond allowing physical access to the network, no information was provided to NetSPI.

 

Solution

Using primarily manual testing techniques, the NetSPI pentesters enumerated all of the internal network ranges and systematically exploited vulnerabilities to escalate privileges and avoid detection.

 

Access Downloads

Close
612.465.8880 sales@netspi.com