About security testing:
Targeted Phishing on Cloud Services Provider Admin infrastructure Case
Successful phishing attacks revealed detection gaps in support and SOC teams, allowing unauthorized access without alerts.
Application Threat Modelling and Phishing Attack Chain Case
A threat model helped prioritize vulnerabilities, leading to the identification of a phishing attack chain that bypassed MFA and allowed unauthorized transactions.
Client-Bank application compromise
This case is a very good example why manual penetration tests are valuable – the team achieved compromise without administrator access to the application, not using any known exploits or discovering injection/deserialization/other RCE flaws.
