Bankowość i finanse
|CS.105
Identity and Access Management System Testing
Penetration testing and configuration analysis of Active Directory, ADFS, and PKI at a critical infrastructure organization.
Client
Critical infrastructure organization of strategic importance to national security
Challenge
A breach of identity management systems - Active Directory, ADFS, and PKI - could lead to operational paralysis and a threat to national infrastructure. The client needed an objective security assessment of these systems.
Approach
Penetration testing
External and internal testing of AD, ADFS, and PKI systems.
Configuration analysis
Configuration review using Nessus and CIS Benchmark.
Consent Phishing test
Simulation of an attack where a user grants permissions to a fraudulent application - verifying resilience against this vector.
Reporting and workshops
Detailed report with findings and red/blue team workshops to enhance the client team's competencies.
Results
Objective security overview of AD, ADFS, and PKI
Detection of configuration gaps posing real threats
Remediation plan with prioritized actions
Enhanced team competencies through red/blue team workshops
Related case studies
CS.106
Adversary Emulation Security Testing
APT attack emulation against a bank in critical infrastructure - 7 scenarios, SOC collaboration, and 2-day training workshops.
CS.102
AI Deployment Risk and Compliance Analysis in Banking
Comprehensive risk analysis of AI solution deployment (Microsoft 365 Copilot, Azure AI, AWS AI) at a systemically important bank.
CS.112
Cyber Risk Management in Strategic Investments
Supporting the general contractor of a U.S. military base construction in Europe in meeting CMMC 2.0 and RMF requirements for building automation systems.
We'll discuss scope, methodology, and timeline.
Free consultation, no strings attached.