Banking and finance
CS.106
Adversary Emulation Security Testing
APT attack emulation against a bank in critical infrastructure - 7 scenarios, SOC collaboration, and 2-day training workshops.
Client
Bank in the critical infrastructure sector in Poland
Challenge
The bank needed to assess its resilience against advanced attacks, identify weaknesses in threat detection, verify monitoring capabilities, and enhance the SOC team's competencies. Testing was conducted in a Purple Team model, in collaboration with the bank's SOC.
Approach
Scenario development
Analysis of TTPs of APT groups targeting the financial sector, workshop with the bank, and agreement on 7 scenarios: Active Directory attacks, network implant, HTTP exploitation, malware simulation, and APT29 emulation.
Scenario execution
Build-out of C2 infrastructure using Cobalt Strike, BloodHound, and Impacket. Progression from initial access through reconnaissance, privilege escalation to data exfiltration - in coordination with the SOC, excluding the production environment.
Reporting
Detailed report with results from each scenario execution and recommendations.
Training workshops
2-day workshops in a dedicated environment: Red Tide game, post-breach analysis (logs, disks, memory).
Results
7 APT attack scenarios executed in collaboration with the SOC
Verification of detection and response capabilities against advanced threats
2-day training workshops with post-breach analysis
Recommendations for strengthening monitoring and response procedures