Confidential Cybersecurity case study

Red Teaming at a Top 10 U.S. Bank


This NetSPI client is a major financial services company.



NetSPI was engaged to do an anonymous scenario-based red team attack against the client’s internal network. This project was designed to test the client’s detective and response capabilities, identify vulnerabilities and escalation paths, and prove that full network compromise was possible in a short period of time. The entire exercise happened during a four-day period. Vectors of attack were limited to network- and application-level attacks. All phishing and other social engineering attacks were out of scope. Beyond allowing physical access to the network, no information was provided to NetSPI.



Using primarily manual testing techniques, the NetSPI pentesters enumerated all of the internal network ranges and systematically exploited vulnerabilities to escalate privileges and avoid detection.


Access Downloads

  • Sign Up for Our Mailing List to Keep Up on the Latest From NetSPI

  • Close

    Contact Us